Querying raw data in Nagios is useful for pinpointing problems. First, though, you have to extend the retention time for raw data from 24 hours to a longer period. Then you can query the data with a syntax similar to Wireshark's, but much easier. For example: 'src net 192.168.0.0/24 AND (dst port 21 or dst ip 8.8.8.8)'.
REF: https://library.nagios.com/library/products/nagios-network-analyzer/documentation/660-understanding-and-using-custom-queries-in-nagios-network-analyzer
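
To show what the example query above selects, here is an added Python sketch (not part of the original post and not Nagios code) that evaluates a small subset of the syntax over constructed flow records. The record fields, the helper names `compile_filter` and `matching`, and the rule that AND binds tighter than OR are assumptions.

```python
import ipaddress
from collections import deque

FLOWS = [  # constructed sample flows, not real traffic
    {"src": "192.168.0.10", "dst": "10.0.0.5", "dport": 21},
    {"src": "192.168.0.77", "dst": "8.8.8.8", "dport": 53},
    {"src": "192.168.0.12", "dst": "10.0.0.5", "dport": 443},
    {"src": "192.168.1.10", "dst": "8.8.8.8", "dport": 53},
]

def compile_filter(text):
    """Compile a subset of the query syntax into a predicate on a flow dict."""
    tokens = deque(text.replace("(", " ( ").replace(")", " ) ").split())
    def peek():
        return tokens[0].lower() if tokens else None
    def primitive():
        if peek() == "(":
            tokens.popleft()
            inner = or_expr()
            if not tokens or tokens.popleft() != ")":
                raise ValueError("missing ')'")
            return inner
        direction, kind = tokens.popleft().lower(), tokens.popleft().lower()
        value = tokens.popleft()
        if direction not in ("src", "dst") or kind not in ("ip", "net", "port"):
            raise ValueError(f"unsupported term: {direction} {kind}")
        if kind == "port":
            port, key = int(value), direction[0] + "port"
            return lambda f: f.get(key) == port
        net = ipaddress.ip_network(value)  # a bare address becomes a /32
        return lambda f: ipaddress.ip_address(f[direction]) in net
    def chain(sub, word, combine):  # left-associative: sub (word sub)*
        left = sub()
        while peek() == word:
            tokens.popleft()
            left = combine(left, sub())
        return left
    def and_expr():  # assumption: AND binds tighter than OR
        return chain(primitive, "and", lambda a, b: lambda f: a(f) and b(f))
    def or_expr():
        return chain(and_expr, "or", lambda a, b: lambda f: a(f) or b(f))
    pred = or_expr()
    if tokens:
        raise ValueError(f"unexpected token: {tokens[0]}")
    return pred

def matching(text, flows=FLOWS):
    pred = compile_filter(text)
    return [i for i, f in enumerate(flows) if pred(f)]
```

With the parentheses in place only flows 0 and 1 match. Under the assumed precedence, dropping them also matches flow 3, whose source is outside 192.168.0.0/24.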