sFlow Filter im PRTG Network Monitor und ihre Syntax
Filter rules are based on the following format: field[filter] Samples: SourceIP[10.0.0.1] SourceIP[10.*.*.*] SourceIP[10.0.0.0/10] DestinationIP[10.0.0.120-130] DestinationPort[80-88] Protocol[UDP] Complex expressions can be created using parentheses and and/or/not: Protocol[TCP] and not (DestinationIP[10.0.0.1] or SourceIP[10.0.0.0] Samples: SourceIP[10.0.0.1] SourceIP[10.*.*.*] SourceIP[10.0.0.0/10] DestinationIP[10.0.0.120-130] DestinationPort[80-88] Protocol[UDP] Valid fields are: IP Port SourceIP SourcePort DestinationIP DestinationPort Protocol (values: TCP, UDP, ICMP, OSPFIGP or any number) ToS Additional Sniffer Fields: MAC SourceMAC DestinationMAC EtherType (values IPV4, ARP,RARP,APPLE, AARP,IPV6 ,IPXold, IPX or any number) Additional NetFlow v5 / jFlow fields: Interface ASI InboundInterface OutboundInterface SourceASI DestinationASI Additional NetFlow v9 fields: Interface ASI InboundInterface OutboundInterface SourceASI DestinationASI MAC SourceMAC DestinationMAC Mask SourceMask DestinationMask Note: ‚Masks‘ represent subnet masks in the form of a single number (’number of contiguous bits‘) NextHop (IP address) …