PRTG Manual: Channel Definitions for xFlow, IPFIX, and Packet Sniffer Sensors

When adding Custom xFlow sensors, Custom IPFIX, or Custom Packet Sniffing sensors, you have the option to provide a Channel Definition. In this field enter your channel definitions using the following syntax (one entry per channel):

#<id>:<Name>
<Rule>

Syntax

• The <id> needs to be 1 or a higher number and must be unique for the sensor. This means each channel definition must have a unique ID.
  The maximum channel ID you can use is 2147483648 (2^31). Higher IDs are not supported. We recommend that you use channel IDs like 1, 2, 3, and so on.
• The <id> is linked to the historic data.
  As soon as you change the ID, you will loose the history for this particular channel that the ID was linked to.
• One rule can span multiple lines.
• The next rule starts with a # as first character in a line.
• The <name> is the channel's display name.
• The rules are processed top to bottom (the number does not matter) and the data is accounted to the first match.
• PRTG adds one channel named Other automatically. This channel counts all traffic for which you have not defined a channel.
• After the name you can use an optional [<unit>] to override the automatic unit, which is based on the source sensors.

The <Rule> syntax is identical to the one described in the Filter Rules for xFlow and Packet Sniffer Sensors section. Because data is accounted to the first match, make sure you start with the most specific rule at the top and get less specific to the bottom.

We recommend that you write the rules list in an external editor first and then paste it into the Channel Definition field of the sensor in PRTG. Otherwise, if the rules contain an error, the entries will be removed when you add the rules in case!

You cannot delete channels of an existing sensor, even if you remove a channel from the channel definition. You also cannot change the display name of channels using the channel definition of custom flow sensors. Renaming is only possible via channel settings.

Example

General example:

#5:HTTP
Protocol[TCP] and 
(SourcePort[80] or DestinationPort[80] or SourcePort[8080] or 
DestinationPort[8080])

Channel definition example for differentiating by protocol:

#1:TCP
Protocol[TCP]
 
#2:UDP
Protocol[UDP]
 
#3:ICMP
Protocol[ICMP]

Related Topics

• Filter Rules for xFlow, IPFIX, and Packet Sniffer Sensors
• Monitoring Bandwidth via Packet Sniffing
• Monitoring Bandwidth via Flows

More

Knowledge Base: How can I change the default groups and channels for xFlow and Packet Sniffer sensors?

• https://kb.paessler.com/en/topic/60203

Advanced Topics

• Active Directory Integration
• Application Programming Interface (API) Definition
• Filter Rules for xFlow, IPFIX, and Packet Sniffer Sensors
• Channel Definitions for xFlow, IPFIX, and Packet Sniffer Sensors
• Define IP Ranges
• Define Lookups
• Regular Expressions
• Add Remote Probe
• Failover Cluster Configuration
• Data Storage
• Using Your Own SSL Certificate
• Calculating Percentiles