Netflow via SNMP
Posted: Tue Jun 18, 2013 12:48 am
by unridaz
Hello,
I have been reading some Cisco documentation about implementing NetFlow via SNMP with the NetFlow MIB. Anyone tried to make this work in The Dude?
We'd like to have the same granular statistics NetFlow offers in The Dude.
Thanks!
Re: Netflow via SNMP
Posted: Tue Jun 18, 2013 10:07 pm
by lebowski
I used to use Scrutinizer, the free version, and it is getting fairly huge (800 MB install), but it works really well for free (only stores 1 day of data).
If you do have NetFlow data stored in SNMP, most likely each flow is separated into multiple OIDs, and processing groups of OIDs would take some detailed work.
You would take the source, destination, and byte count and create a "flow" out of those 3 OIDs; then you could collect that data every minute and graph the byte count diff.
The trouble is, if the OID for source is an array, you do not have a while loop to determine when to stop processing. Also, there are no variables, so you would have to use string manipulation to read the other associated OIDs.
For example, a flow could be 3 OIDs, but there are 10 flows or 9 flows or 30 flows. Since they change constantly, you would read the array of sources, destinations, and bytes. So you take the first array of sources and the first entry in that array, flow 1 source and destination, and graph the utilization. How do you display the source and destination IP address in the graph? Then you graph flow 2 and so on. You could have many different things graphed in a chart, so you add a static chart that shows the first 30 flows by statically coding the OIDs... not fun, and flow 1 is not flow 1, since flow 1 stopped and a new flow 1 started with a different source and destination.
You would probably be better off using an external program to generate a list of flows, so that you could show the most recent ones, or maybe the largest flows for the last x minutes, then display that on a device label. Graphing individual flows in The Dude sounds very difficult due to the different design goals.
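An added example (not part of either post, and not code from The Dude or Cisco) of the external-program approach suggested in the reply above: it joins the source, destination and byte-count columns of two SNMP walks by row index, keys each flow by its (source, destination) pair instead of its row number so a reused row is not mistaken for the old flow, and lists the largest byte deltas. The OID prefix, column numbers, sample walks and function names are constructed placeholders, not the real NetFlow MIB layout.

```python
from collections import defaultdict

# Constructed placeholder layout (not the real NetFlow MIB): <BASE>.<column>.<row>
BASE = "1.3.6.1.4.1.99999.1.1"
COLUMNS = {"2": "src", "3": "dst", "4": "bytes"}

# Constructed sample walks taken one minute apart. In the second poll row 1 has
# been reused by a new flow and the surviving flow has moved to row 2.
POLL_1 = """\
1.3.6.1.4.1.99999.1.1.2.1 = 10.0.0.5
1.3.6.1.4.1.99999.1.1.3.1 = 192.0.2.10
1.3.6.1.4.1.99999.1.1.4.1 = 1000
1.3.6.1.4.1.99999.1.1.2.2 = 10.0.0.6
1.3.6.1.4.1.99999.1.1.3.2 = 192.0.2.20
1.3.6.1.4.1.99999.1.1.4.2 = 5000
"""
POLL_2 = """\
1.3.6.1.4.1.99999.1.1.2.1 = 10.0.0.7
1.3.6.1.4.1.99999.1.1.3.1 = 198.51.100.3
1.3.6.1.4.1.99999.1.1.4.1 = 700
1.3.6.1.4.1.99999.1.1.2.2 = 10.0.0.5
1.3.6.1.4.1.99999.1.1.3.2 = 192.0.2.10
1.3.6.1.4.1.99999.1.1.4.2 = 4000
"""

def parse_walk(text):
    """Join column OIDs by row index; return {(src, dst): bytes}."""
    rows = defaultdict(dict)
    for line in text.splitlines():
        oid, sep, value = line.partition(" = ")
        if sep and oid.startswith(BASE + "."):
            column, _, row = oid[len(BASE) + 1:].partition(".")
            if column in COLUMNS and row:
                rows[row][COLUMNS[column]] = value.strip()
    flows = {}
    for row in rows.values():
        if len(row) == 3:  # skip rows that changed mid-walk and are incomplete
            key = (row["src"], row["dst"])
            flows[key] = flows.get(key, 0) + int(row["bytes"])
    return flows

def top_flows(previous, current, limit=10):
    """Byte deltas per (src, dst) between two polls, largest first."""
    deltas = []
    for (src, dst), count in current.items():
        before = previous.get((src, dst), 0)
        # New flow or restarted counter: count from zero instead of going negative.
        deltas.append((count - before if count >= before else count, src, dst))
    return sorted(deltas, reverse=True)[:limit]
```

The list returned by `top_flows` can be formatted as text for a device label, which avoids statically coding one chart per row.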