Set up your network devices so they send network data to New Relic One.
- A New Relic account. Don't have one? Sign up for free! No credit card required.
- A New Relic account ID. Read how to find your account ID.
- A New Relic license key.
- Docker installed in your local machine.
- SSH access to the Docker host, with the ability to launch new containers.
- Access to Layer 2/3 network devices that can generate and send network flow data, and also add and modify network flow targets on the device. Here's how to configure network flow data collection in some devices:
Network flow data device
Kentik's integration supports four types of network flow data. When running the ktranslate image, you can specify which type you want to monitor using the
The ktranslate image only supports monitoring one type of network flow data type at a time. If you want to monitor several types, each will require a container. IPFIX and NetflowV9 can be sent to the same container, but we recommend running a separate container as a best practice.
To check the equivalence among the network flow data type and the value you need to specify when running the image, see the following table:
Network flow data type
NetFlow version 5
NetFlow version 9
For Juniper Networks'
jFlow, use the
When planning your strategy for collecting network flows at scale, New Relic recommends 1 CPU per 2000 flows-per-second (120,000 flows-per-minute). Deciding whether to run more small containers to distribute load or fewer large containers to consolidate management is a matter of personal preference.
In your local machine, from a Linux host with Docker installed, download the ktranslate image from dockerhub by runningbash$docker pull kentik/ktranslate:v2
snmp-base.yamlfile to the local
$HOMEdirectory of your Docker user, and discard the container by runningbash$cd .$id=$(docker create kentik/ktranslate:v2)$docker cp $id:/etc/ktranslate/snmp-base.yaml .$docker rm -v $id
snmp-base.yamlfile, add your network flow devices inside the
devicesvariable with the following structure:devices:flowDevice:device_name: edge-routerdevice_ip: 10.10.1.254flow_only: trueuser_tags:owning_team: net_engenvironment: production
If you're already monitoring SNMP data devices that send network flow data, you don't need to add them in your
ktranslateto listen for network flows from devices by entering the following commands:
Add your New Relic license key and your account ID in the
$NR_ACCOUNT_IDvariables respectively.bash$docker run -d --name ktranslate-sflow --restart unless-stopped --net=host \>-v `pwd`/snmp-base.yaml:/snmp-base.yaml \>-e NEW_RELIC_API_KEY=$NR_LICENSE_KEY \>kentik/ktranslate:v2 \>-snmp /snmp-base.yaml \>-nr_account_id=$NR_ACCOUNT_ID \>-metrics=jchf \>-log_level=info \>-tee_logs=true \>-flow_only=true \>-nf.source=sflow \>nr1.flow$## If your account is located in Europe, you need to add the following option before the nr1.flow line$## -nr_region=EU \
To get better visibility into your network, set up SNMP data monitoring.
If you need more help, check out these support and learning resources:
- Browse the Explorers Hub to get help from the community and join in discussions.
- Find answers on our sites and learn how to use our support portal.
- Run New Relic Diagnostics, our troubleshooting tool for Linux, Windows, and macOS.
- Review New Relic's data security and licenses documentation.