Device Admin |
Note: These settings are accessed via the Admin menu, which is displayed to Admin users only (hidden from Member users). |
The setup of devices in the Kentik Detect portal is discussed in the following topics:
Note: If you would like assistance with any aspect of registering a device, please contact us at support@kentik.com.
top |
About Devices |
Devices in Kentik Detect are classified as either routers (which includes switches) or hosts. To enable devices to send flow data (NetFlow, sFlow, IPFIX) to Kentik Detect:
Note: If you would like assistance with any aspect of this process, please contact support@kentik.com.
top |
Devices Page |
All registered devices for a given customer are listed on the Devices page (a.k.a. Device Management) of the Kentik portal (choose Admin from the Kentik navbar, then Devices from the sidebar at left). The Devices page is covered in the following topics:
top | section |
Devices Page UI |
The Devices page includes the following UI elements:
top | section |
Device List |
The Device List is a table that shows information about the listed devices as well as available actions. By default the list (or each group if group-by is Site, Plan, or Type) is ordered alphabetically by name (ascending). To change the sort order of the list, click on a heading to choose a sort column, and on the resulting blue up or down arrow to choose the sort direction (ascending or descending).
Notes:
- Click on a column heading to sort the list (ascending or descending).
- To see additional information about a given device, click anywhere in the row for that device, which opens a Edit Device dialog in which you can review and (in some cases) edit settings (see Editing a Device).
- To remove a device, click the device’s row to open the Edit Device dialog, then click Remove at bottom left.
Device List Views |
The device list has two views that differ in terms of the columns that are displayed:
The two views have a number of columns in common (see Device List Common Columns).
Device List Common Columns |
The following columns of the Device List appear (left to right) in both the Device Stats view and the Device Details view:
Device Stats View |
The following Device List columns appear only in Device Stats view:
Note: For columns that are common to all Device List views, see Device List Common Columns.
Device Details View |
The following Device List columns appear only in Device Details view:
Note: For columns that are common to all Device List views, see Device List Common Columns.
Current and Historical Traffic Dialog |
The Current and Historical Traffic dialog, opened via the View in Chart button, displays a chart of the total volume of flows (source and destination) for a given device, both historically and over the last 24 hours.
The dialog includes the following UI elements:
top |
Device Admin Dialogs |
Adding or editing a device via the Kentik portal involves specifying information in the fields of the device admin dialogs, which are covered in the following topics.
Note: Devices can also be added and edited with the Device API.
top | section |
About Device Dialogs |
The Kentik portal uses device admin dialogs to collect the information required for Kentik to connect with the device to receive flow, poll SNMP, and establish BGP peering (when applicable). The required information is entered into the fields of either of the following dialogs:
top | section |
Device Dialogs UI |
The Add Device and Edit Device dialogs share the same layout and the following common UI elements:
top | section |
About Device Fields |
Each device admin dialog is broken into the tabs covered in the topics below, each of which is made up of a number of fields. The tabs that are visible at any given moment, and the fields on those tabs, varies depending on the type (router or host) of the device, and whether the device is being added or edited.
Until all required settings on a given tab are entered the tab name is preceded with a caution icon. Once a tab’s fields are complete the icon changes to a check mark.
Notes:
- Some fields that are editable when adding a device are read-only when editing a device.
- In addition to the fields used to enter information, the tabs of the device dialogs also include information used to configure a device to connect with Kentik (for routers, see Router Configuration Overview).
top | section |
Device General Settings |
The following table shows the elements of the General Settings tab of the device admin dialogs:
Element | Add Device |
Edit Device (Router) |
Edit Device (Host) |
Description |
Name | Editable field | Fixed field | Fixed field | User-supplied name string. |
Description | Editable field | Editable field | Editable field | User-supplied description string. |
Type | Drop-down menu | Fixed field | Fixed field | Specify the category of the device (see Supported Device Types). Note: Older device types for hosts — e.g. DNS (host-nProbe-dns-www), nHst (host-nProbe-basic), and kproxy — are deprecated. |
Labels | Selector | Selector | Selector | Opens a drop-down selector from which you can assign Device Labels. |
Manage (labels) | Link | Link | Link | Takes you to the Device Labels page (Admin » Device Labels). |
Contribute to CDN Attribution | Switch (if Type is host) |
N.A. | Switch | Enables the contribution of DNS data from this device to our CDN Attribution learning algorithms (see About CDN Attribution). Note: Only present if the device is a kprobe host. |
Sending IP(s) | Editable field | Editable field | Editable field | IP address(es) from which the router sends flow to Kentik. Note: The IP must be unique except as described in IP Overloading. |
Add Sending IP | Button | Button | Button | Adds a new Sending IPs field so you can add an IP. |
Sample Rate | Editable field | Editable field | Editable field | Total packets transiting the device for each packet processed for flow data (see Flow Sampling). Notes: - Kentik may dynamically downsample from this nominal sample rate as needed to keep FPS within limits specified in the plan (see About Plans) to which the device is assigned. - For hosts, see Sample Rate for Hosts. |
IP Overloading |
The address specified with Sending IPs must be unique (not used by any other device in your organization) for any device sending flow data directly to Kentik Detect. If, however, a device sends flow data via kproxy (see Kentik Proxy Agent) then an IP specified in the Sending IPs field may be the same as that of an already registered device so long as the following is true:
Supported Device Types |
Kentik Detect currently supports devices in two broad categories:
Devices in the two categories store and report traffic differently (see Device Type), and also have some differences in portal configuration settings, most notably a BGP tab for routers that is not present for hosts. The table below shows the types of devices currently available in the portal, including the category of each.
Portal name | Category | Subtype | Description |
Kentik Host Agent (kprobe) | Host | kprobe | Kentik’s software host agent (see About kprobe). |
NetFlow-enabled Router | Router | router | Hardware router or switch. |
A10 CGN | Router | a10_cgn | A10 Thunder Carrier Grade Networking devices (see A10 Thunder CGN Dimensions). |
Advanced sFlow | Router | advanced_sflow | Any sFlow device from which you want Kentik to ingest a value for the TTL dimension and/or for the Physical Interface dimensions (Src and Dst), which requires use of Kentik’s VLAN Mapping API (ask Customer Support for assistance). |
Cisco ASA | Router | cisco_asa | Cisco Adaptive Security Appliance (see Cisco ASA Dimensions). |
Cisco ASA (Syslog) | Router | cisco_asa_syslog | Syslog data from a Cisco Adaptive Security Appliance (see Cisco ASA Syslog Dimensions). |
Cisco NBAR-Enabled Router | Router | cisco_nbar | Cisco router that supports traffic prioritization using Network Based Application Recognition (https://www.cisco.com/c/en/us/products/ios-nx-os-software/network-based-application-recognition-nbar/index.html). |
Cisco Zone-Based Firewall | Router | cisco_zone_based_firewall | Cisco router using a zone-based firewall (see Cisco Zone-based Firewall). |
Darknet Stream | N.A. |
N.A. |
Reserved for Kentik use. |
Cisco IOS XR | Router | ios_xr | Data from routers using the IOS XR operating system (see IOS XR Dimensions). |
Istio (Beta) | Router | istio | Istio service mesh (see Istio Dimensions). |
Process-Aware Telemetry Agent | N.A. |
N.A. |
Reserved for Kentik use. |
kProbe True Origin Tap | N.A. |
N.A. |
Reserved for Kentik use. |
Cisco Meraki | Router | meraki | A Meraki-managed firewall (see Cisco Meraki Metrics). |
MPLS Router | Router | mpls | An MPLS-enabled router (see Using MPLS). |
ntop Host Agent (nProbe) | Host | nprobe | Deprecated. |
Palo Alto Networks Firewall | Router | paloalto | A PAN firewall (see Palo Alto Networks Firewall). |
Silver Peak EdgeConnect | Router | silverpeak | Silver Peak appliance running VXOA software (see Silver Peak Dimensions). |
Generic Syslog | Router | syslog | A generic device sending syslogs to kproxy (see kproxy Syslog Parsing). |
Juniper PFE (Syslog) | Router | pfe_syslog | Syslog data from a Juniper switch equipped with a Packet Forwarding Engine (see Juniper PFE Syslog Dimensions). |
Cisco SD-WAN vEdge | Router | viptela | IPFIX fields in cflowd records from Cisco vEdge SD-WAN routers (see Cisco SD-WAN Dimensions). |
Note: In the Device API the above device types are referenced using the subtype values listed above.
Sample Rate for Hosts |
Kentik Detect uses the kprobe software host agent to generate network traffic data from hosts (see About kprobe). The sample rate for flow data generated by kprobe involves two settings:
The sample rate that is actually used is determined by the following:
Note: If the value is not set in the command line and the Sample Rate field value is reset in the portal then the corresponding kprobe instance will exit. If kprobe is not run under a supervisor then it must be restarted manually. |
top | section |
Device Plan & Site Settings |
The following table shows the elements of the Plan & Site tab of the device admin dialogs:
Element | Add Device |
Edit Device (Router) |
Edit Device (Host) |
Description |
Billing Plan | Drop-down menu | Drop-down menu | Drop-down menu | The billing plan to which the device belongs (see About Plans). Note: If this field is set to a plan that doesn’t support BGP then no settings can be made on the BGP Settings tab. |
Site | Drop-down menu | Drop-down menu | Drop-down menu | The site to which the device is assigned (see About Sites). If the device is not yet assigned to any site, the drop-down defaults to “None selected.” |
top | section |
Device IP & SNMP Settings |
The table below shows the elements of the IP & SNMP tab of the device admin dialogs.
Note: This tab is shown only when the device type is router.
Element | Add Device |
Edit Device |
Description |
SNMP polling | Drop-down menu | Drop-down menu | The polling frequency for SNMP: - If Standard, interface counter will be polled every 5 minutes and interface description every 30 minutes. - If Minimum, interface counter won’t be polled and interface description will be polled every 6 hours. |
Device SNMP IP | Editable field | Editable field | The SNMP IP address that will be polled by Kentik Detect. |
SNMP Community | Editable field | Editable field | The SNMP community to use when polling the router. Note: Not shown when SNMP v3 is enabled. |
SNMP v3 Auth | Toggle switch | Toggle switch | If enabled, SNMP polling will be via SNMP V3 (see About SNMP V3). Available for routers only; overrides SNMP Community setting. |
SNMP v3 User Name | Editable field | Editable field | The user name for SNMP v3 authentication. Note: Shown and required only when SNMP V3 is enabled. |
SNMP v3 Auth Type | Editable field | Editable field | The SNMP v3 authentication protocol: - None - MD5 passphrase - SHA passphrase Note: Shown only when SNMP V3 is enabled. |
SNMP v3 Auth Passphrase | Editable field | Editable field | Password for SNMP V3 authentication. Note: Shown only when SNMP V3 is enabled and Auth Type is not “none.” |
SNMP v3 Privacy Type | Editable field | Editable field | The SNMP V3 privacy type: - None - DES (56-bit encryption) - AES-128 Notes: - Shown only when SNMP V3 is enabled. |
SNMP v3 Privacy Passphrase | Editable field | Editable field | Password for SNMP V3 privacy. Note: Shown only when SNMP V3 is enabled and Priv Type is not “none.” |
top | section |
Device BGP Settings |
The following table shows the elements of the BGP Settings tab of the device admin dialogs:
Element | Add Device |
Edit Device (Router) |
Edit Device (Host) |
Description |
BGP Type | Drop-down menu | Drop-down menu | Drop-down menu | Choose one of the following: - No peer, use generic IP/ASN mapping: Generic IP/ASN mapping will be used. - Peer with device: Kentik will BGP peer with this device. - Use table from another peered device: the BGP table will be obtained from another device that is already set to peer with Kentik. |
BGP Flowspec Compatible | Switch | Switch | Switch | Turn on if the router supports MP-BGP and is therefore compatible with BGP Flowspec. |
Your IPv4 Peering Address | Editable field | Editable field | Editable field | The IPv4 address of the peering device. - Displayed only when BGP is set to “Peer with device.” - RFC1918 addresses are not valid. - Cannot be an IP that is already being used to peer with a different Kentik Detect device. |
Your IPv6 Peering Address | Editable field | Editable field | Editable field | The Ipv6 address of the peering device. - Displayed only when BGP is set to “Peer with device.” - RFC1918 addresses are not valid. - Cannot be an IP that is already being used to peer with a different Kentik Detect device. |
Your ASN | Editable field | Editable field | Editable field | The number (16- or 32-bit) of the autonomous system (AS) to which the peering device belongs. - Displayed only when BGP is set to “Peer with device.” |
BGP MD5 Password | Editable field | Editable field | Editable field | Optional shared authentication password for BGP peering; 32 alphanumeric characters. - Displayed only when BGP is set to “Peer with device.” |
Master BGP Device | Drop-down menu | Drop-down menu | Drop-down menu | The device whose BGP table will be shared with this device. - Displayed only when BGP is set to “Use table from another peered device.” |
Note: Settings can’t be made on the BGP Settings tab unless the Billing Plan field (see Device Plan & Site Settings) is set to a plan that supports BGP (see About Plans).
top | section |
Device Config Info |
In addition to internal Kentik Detect settings for registered devices, the tabs of the Add Device and Edit Device dialogs include the following information needed when configuring routers:
top |
Add or Edit Device |
Devices are created and edited via the Devices page of the Kentik Detect portal (choose Admin from the Kentik navbar, then Devices from the sidebar at left). The add/edit process is covered in the following sections:
top | section |
Adding a Device |
To add (register) a new Device:
Notes:
- In addition to registering a device you must also configure the device itself to send flow records to Kentik Detect; see Router Configuration or Host Configuration.
- For assistance walking through this process please email support@Kentik.com.
top | section |
Editing a Device |
To edit an existing Device:
Note: To delete a device, click Remove at lower left.
top | section |
Enabling BGP |
To enable collection of BGP data from a device:
In this article: