That was why I asked the original question, we ran analysis reports and then created traps based on results of the analysis, we were not having any traps created when we expected 30 traps per day. Found that the interface was not staying above the threshold we had set for the whole 15 minute period, it would go above the threshold for 4 or 5 minutes then drop below the threshold for 1 minute, then above for another 4 or 5 minute. So for the analysis reports it was above the threshold for the 15 minute average. Since the traps look at each minute, we didn’t have any traps generated.
From: CA Infrastructure Management Global User Community (eHealth/Spectrum/NetQoS) [mailto:
CommunityAdmin@communities-mail.ca.com]
Sent: Monday, June 24, 2013 11:11 AM
To:
mb.87772687.101275727@myca-email.ca.com
Subject: [.CA Network Flow Analysis] RE: netflow trap alerts.
Yeah, but if the analysis shows a threshold violation, the 1-minute data should also show that violation. Your explanation could explain why you would see a trap but nothing in the analysis (because of the 15 minute averaging). What about the other way around?
Posted by:Stuart_Weenig
--
CA Communities Message Boards
101278267
mb.87772687.101275727@myca-email.ca.com<mailto:
mb.87772687.101275727@myca-email.ca.com>
https://communities.ca.com