Setting Device42’s Netflow Collector to run as a service allows you to configure it to start automatically with Windows, as well as allows the Netflow collector to be controlled and monitored like any other Windows service.
This includes the ability to start, stop, and restart the service, as well as creation of service dependencies and default restart actions from services.msc!
Configure Device42 Netflow to Run as a Service
- Download / Unzip
- Ensure you are allowing / allow Netflow (Port 2055/UDP) through your firewall
- Register the D42Netflow service, set it to start at boot, and start it!
Note: we recommend installing D42Netflow on a machine with 6GB of ram or more available to the service. For more information, binary options, etc., see our Docs article: Installing the Device42 Netflow Collector as a Service.
1) Download and extract d42-netflow-collector-v200.zip from the Device42 autodiscovery download page, unzip it, and copy the 64-bit executable to the directory of your choice. For Windows 64-bit, “c:\program files” is a often chosen; for Linux, “/opt/rc/services/” is commonly used. The 64-bit binary was renamed and copied it to “C:\Program Files\d42-netflow\d42-netflow64.exe”.
2) Ensure the Windows / Linux Firewall is allowing NetFlow traffic on port 2055/udp by opening your firewall control panel: Start menu → Control Panel → System and Security → Windows Defender Firewall → Allow an app or feature through Windows Defender Firewall:
Add a firewall exception for D42Netflow by choosing “Allow another app:” and browsing to the binary in “C:\Program Files\d42-netflow\d42-netflow64.exe”:
$ sudo firewall-cmd --zone=public --add-port=2055/udp --permanent $ sudo firewall-cmd --reload
3) Register the D42Netflow service
Run CMD as an administrator by typing ‘cmd’ into the start menu, right clicking, and selecting “Run as administrator”
In your administrative command prompt, run the following to register the downloaded netflow collector. Be sure to provide the full path to the binary, and for clarity, name the service “D42Netflow”:
$ sc create <ServiceName> binPath="c:\path\to\binary\windows_x64.exe -h <ma_url> -u <username> -p <password> -i <Interval>"
After executing the above, you can see your new service in the services control panel (services.msc):
On Linux / SystemD: Create file `/etc/systemd/system/netflow.service` containing the following:
## SystemD [Unit] Description=NetFlow Service [Service] PIDFile=/tmp/netflow.pid User=root Group=root WorkingDirectory=/opt/rc/services ExecStart=/opt/rc/services/netflow -h https://ma.host.domain -u username -p password -i 30 Restart=always [Install] WantedBy=multi-user.target
3) Start the service!
Run service manger (services.msc), right click D42Netflow, and choose Properties. In the modal Window, you’ll likely want to set the ‘Startup Mode” to Automatic, and then press “Start” to start D42Netflow:
Set the service as executable: $ chmod +x /opt/rc/services/netflow Set the service to start automatically: $ systemctl enable netflow Start the service: $ systemctl restart netflow
That’s it! You’re finished! D42Netflow should now auto-start with each boot until you disable it.
The Device42 Netflow collector is a self-contained utility that collects netflow data, analyzes it, and sends it to your Device42 instance to enhance application dependency mapping data. Device42 augments data gathered via other auto-discovery methods (e.g. SNMP, WMI / WinRM for Windows, SSH for Linux, etc.) with netflow data, producing a comprehensive ‘map of your infrastructure including accurate details and important inter-relationships — and all of this without the need to configure expensive span or mirror ports!
If you have any questions or comments, leave a note below, or email [email protected]. If you’d like to see something specific as a follow up to this article, let us know – we’re ears wide open!
If you still need to download a trial of Device42, it couldn’t be easier — Click here!