Chapter 15. Advanced topics

Table of Contents

15.1. Custom configuration
15.1.1. Client custom configuration settings
15.1.2. Server custom configuration settings
15.2. Customising protocol names

This section contains information on advanced topics, which many users will not be concerned about.

15.1. Custom configuration

Some custom configuration is possible through the use of the sFlowTrend-Pro properties file. Modifying this is only recommended for advanced users. The file must be editing using a standard text editor, and sFlowTrend-Pro must be restarted before any of the changes will take effect.

If running sFlowTrend-Pro as a service, then both the client and the server have their own property files. Care must be taken to modify the appropriate one, depending on the desired outcome. The correct file to modify is indicated against each property, below. If the server property file needs to be modified, then this will affect all users using the server. The service must be restarted for the changes to take effect. If the client property file is modified, then this will only affect that client. In this case, the client must be closed and re-opened before the change will take effect.

The properties file is called config.prp, and it is located in the sFlowTrend-Pro home directory (which can be identified and changed through the sFlowTrend-Pro ToolsOptions menu selection). If you are running sFlowTrend-Pro as a service, then take care to locate the correct client home directory, on the local system (the first shown via the Options menu), or the server home directory, on the remote server system (the second shown).

If the config.prp file does not exist in the directory, then it must first be created. The file is organised as a series of lines, where each line is of the form:

propertyName = value
            

For example,

chart.topn = 8
            

would change the number of entries in a top-n to 8. Note that all properties and values must be entered exactly as specified. Some of the properties that can be modified using the properties file are:

15.1.1. Client custom configuration settings

The settings in this section apply to the client. If you are running sFlowTrend-Pro as an application, then the client and server share the configuration file. If you are running as a service, then the file should be modified on the client only.

chart.font, chart.legend.font, chart.title.font, chart.subtitle.font
These settings control the fonts used for the charts displayed in the Charts tab. The format for these settings is one of:
fontname-style-pointsize
fontname-pointsize
fontname-style
fontname
                        
where style is case insensitive "PLAIN", "BOLD", "BOLDITALIC", or "ITALIC"; for example Arial-BOLD-11.
chart.topn
Controls how many entries are displayed in each top-n chart (ie the value of n). The default value is 5.
circles.font, circles.legend.font, circles.title.font, circles.subtitle.font
These settings control the fonts used for the Circles charts. The format for these settings is one of:
fontname-style-pointsize
fontname-pointsize
fontname-style
fontname
                         
where style is case insensitive "PLAIN", "BOLD", "BOLDITALIC", or "ITALIC"; for example Arial-BOLD-11.
circles.maxFlows
Controls the number of flows displayed in the Circles charts. The default value is 100.
client.lookAndFeel
This setting controls the look and feel used for the sFlowTrend-Pro client. By default the Java system look and feel, which is most consistent with the operating system, look and feel is used. Alternative Java cross-platform look and feels are Nimbus and Metal (the look and feel used for earlier versions of sFlowTrend-Pro).
client.serverPort
This setting controls the TCP port used by the client to connect to the server. It must match the server.webserver.port of the server you are connecting to (unless the port is changed in the connect dialog of the client - for more information, see Section 12.3, “Connecting to a server”). The default is 8087.
client.https.serverPort
This setting controls the TCP port used by the client to connect to the server over https. It must match the server.webserver.https.port of the server you are connecting to. The default is 8443.
client.https.keyStore
The Filename of client trusted certificate key store in sFlowTrend-Pro client home directory. The default is trustedCerts.
client.https.password
The password for the client trusted certificate key store. The default is sflowtrend.

15.1.2. Server custom configuration settings

The settings in this section apply to the server. If you are running sFlowTrend-Pro as an application, then the client and server share the configuration file. If you are running as a service, then the file should be modified on the server only.

database.hoursPersistent
Controls how many hours of data will be stored in the database, before being flushed. This number can be reduced from the default of 168 (1 week), if the database is getting too large.
event.threshold.email
Sets the number of queued email event actions when email suppression will be enabled. The default value is 3, and a value of 0 switches off suppression of event email messages.
event.threshold.syslog
Sets the number of queued syslog event actions when syslog suppression will be enabled. The default value is 5, and a value of 0 switches off suppression of event syslog messages.
sflowtrend.autoEnable
The default value for this setting is true. In this case, sFlowTrend-Pro will automatically enable and start collecting data from the first n switches that it receives unsolicited (command line configured) sFlow from, where n is the maximum number of switches allowed by the software license. To control manually which switches are enabled, set this value to false.
sflowtrend.samplingRate.[ifSpeed.]medium

If sFlowTrend-Pro is using SNMP to configure the switches to send sFlow, sFlowTrend-Pro will use this value to configure the sampling rate for all interfaces of the given ifSpeed. The default values are:

sflowtrend.samplingRate.medium = 512
sflowtrend.samplingRate.10.medium = 128
sflowtrend.samplingRate.100.medium = 256
sflowtrend.samplingRate.1000.medium = 512
sflowtrend.samplingRate.10000.medium = 1024
                            

For example

sflowtrend.samplingRate.100.medium = 256
                            

tells sFlowTrend-Pro to configure all interfaces with an ifSpeed of 100 Mb/s with a sampling rate of 1 in 256. The value for sflowtrend.samplingRate.medium is used by sFlowTrend-Pro when configuring an interface with an ifSpeed for which a sampling rate has not been specified. For example, with the default sampling rate settings, a 4 Gb/s trunk would be configured with a sampling rate of 1 in 512.

You can specify sampling rates for other ifSpeeds. For example

sflowtrend.samplingRate.8000.medium = 1024
                            

tells sFlowTrend-Pro to configure all interfaces, with an ifSpeed of 8 Gb/s, with a sampling rate of 1 in 1024.

sflowtrend.useForce
The default value for this setting is false. In this case, if sFlowTrend-Pro is using SNMP to configure the switches to send sFlow, and finds that a switch has already been configured by another application and there are no unclaimed receiver entries on the switch, then sFlowTrend-Pro will not configure the switch. In this case sFlowTrend-Pro will show the switch status as Already in use. If the value for this setting is true and there are no unclaimed receiver entries on the switch, then sFlowTrend-Pro will overwrite the first receiver entry forcibly claim it.
sflowtrend.natReceiverAddress
If sFlowTrend-Pro is using SNMP to configure switches to send sFlow and there is a NAT device between the system running sFlowTrend-Pro and the switches, use this setting to specify the public IP address and port on the NAT device that sFlow should be sent to. Note that in a virtual or container environment a virtual NAT device is often used and this setting is applicable. If you are not using SNMP to configure switches to send sFlow, then this setting is not required. For example, for a NAT device with a public IPv4 address of 10.1.2.3 and a forwarded sFlow port of 7070
                                sflowtrend.natReceiverAddress = 10.1.2.3:7070
                            
or for a NAT device with a public IPv6 address of sflowtrend.natReceiverAddress = 2001:df8:3c5d:15:1a36:3ecd:dc72:ef7e and a forwarded sFlow port of 7575
                                [2001:df8:3c5d:15:1a36:3ecd:dc72:ef7e]:7575
                            
Note that you must also choose this address as the collector address, see Section 13.5.6, “Advanced sFlow
server.webserver.port
The TCP port that the server web server will listen on. This default value is 8087. If this is changed, then a client connecting to the server would also need to change to the same value (see client.serverPort).
server.webserver.localonly
By default, this setting is false, which means that the server web server can respond to requests from any client. If you want to disallow clients other than the system that is running the server from connecting to the server, then set this property to true.
server.webserver.https.port
The TCP port that the web server will use for https connections to clients. The default value is 8443. If this is changed, then a client connecting to the server would also need to change the corresponding setting (see client.https.serverPort).
server.webserver.https.keyStore
Filename of https key store in sFlowTrend home directory. The default value is httpsKeyStore.
server.webserver.https.alias
Alias of certificate for https in key store. The default value is sflowtrend.
server.webserver.https.password
Password for the key store. The default value is sflowtrend.
server.webserver.https.keyPassword
Password for the private key. If left blank or ommitted (default), then the password for the key store is used.
server.webserver.https.removeCiphers

Specifies cipher suites that are to be removed from those supported by the https web server. This setting can be used to remove insecure cipher suites. Cipher suites must be specified as a comma separated list, using standard Java naming. If this setting is used, then the default cipher suites to be removed will be overridden, so these defaults must be specified explicitly if it is desired to continue to remove them.

The current default cipher suites to remove are:

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_SHA
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
TLS_ECDH_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_MD5                        
                            

server.webserver.https.includeCiphers
Specifies cipher suites that are to be included as supported by the https web server. Cipher suites must be specified as a comma separated list, using standard Java naming. This setting specifies only those cipher suites to be supported; no others will be available. This means if use this parameter, you must specify all cipher suites to be used by the web server.
server.webserver.https.removeProtocols
Specifies SSL protocols that are to be removed from those supported by the https web server. This setting can be used to remove insecure protocols. Protocols must be specified as a comma separated list, using standard Java naming.
server.webserver.https.includeProtocols
Specifies SSL protocols that are to be included as supported by the https web server. Protocols must be specified as a comma separated list, using standard Java naming. This setting specifies only those protocols to be supported; no others will be available. This means if use this parameter, you must specify all protocols to be used by the web server.