Extreme Networks

Stephen_Stormon · ‎03-09-2023

We have two x695 switches running XOS 31.7.1.4 31.7.1.4-patch1-36. We opened a case to see if there was a way to disable analytics on a specific port and were told that it can be done but is not officially supported. The port in question is the external side of our firewall and it is generating a lot of traffic that fills up the logs (and causes concern even the firewall is blocking the traffic). We tried the unofficial steps of trying to remove the port from telemetry but that failed (below)

* Summit-BTP-x695-01.12 # configure access-list telemetry ports 1-15,17-62 ingress

Error: ACL install operation failed - filter hardware full for vlan *, port 62

Is there any way in Analytics to filter out a specific port or IP from being displayed in the Application Flows?

Ryan_Yacobucci · ‎03-11-2023

Hello,

You can try this:
Analytics > Configuration > Select specific Engine > Configuration > Configuration Properties > Add NAME = “options.FlowServerOptions.flowCollectorFilter” (see below)

NAME = options.FlowServerOptions.flowCollectorFilter
VALUE (example) = sip=10.3.0.0/16,exclude;dip=10.3.0.0/16,exclude;sip=10.5.0.0/16,exclude;dip=10.5.0.0/16,exclude

You should be able to use this to exclude traffic.

Thanks
-Ryan

Stephen_Stormon · ‎03-13-2023

I'm not seeing a "Configuration properties" option unless I'm totally missing it. We are on version 23.2.10.82.

Ryan_Yacobucci · ‎03-13-2023

Stephen_Stormon · ‎03-14-2023

Thanks, I definitely missed that. I put in a filter but is doesn't seem to be working as I am still seeing the traffic. Is there a FlowCollectorFilter to exclude traffic on specific ports of a switch?

Extreme Networks

Filter a specific server or port out of Extreme Analytics?

Filter a specific server or port out of Extreme Analytics?