Previous posts in this article series:
1. Developing A Network Monitoring Tool Using CISCO NetFlow : Part 1
2. Developing A Network Monitoring Tool Using CISCO NetFlow: 2 – Analysis and Design
3. Developing A Network Monitoring Tool Using CISCO NetFlow: 3 – Implementation 1

Implementation of Alert System

Methodology

An alert is generated when the threshold for bandwidth or client system usage is reached. Users can update the threshold on the Settings page; the default threshold is 80%. To calculate the bandwidth percentage, the user needs to enter the maximum available upload and download bandwidths of the internet link on the Settings page.

Bandwidth % = (Current bandwidth x 100) / Maximum bandwidth

There are three types of alerts in this tool. 

  • Sound alert: plays a sound on the server in real time.
  • Email alert: sends an email with the alert details to the system admin.
  • Alert log: holds the alert details (alert date, time and description of the alert), which can be used for future reference.

Alerts are saved with the alert description and alert date/time in a separate .dat file named alerts.dat. This file is used for the alert log.

The tool also alerts when client system resource usage (RAM and hard disk) reaches the threshold. When the threshold is reached, a TCP socket connection is opened to the server and an alert message is sent to it. This type of alert is then processed in the same way as a bandwidth alert.

System resource usage % = ((Total size of resource - Free size of resource) x 100) / Total size of resource
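
The two percentage checks above, as an added Java example that is not the tool's own code: it applies the threshold to both formulas, rejects an unset maximum bandwidth instead of dividing by zero, and suppresses repeats of the same alert inside a cooldown so a sustained overload does not flood the sound and email alerts. The class and method names, the cooldown and the log-line layout are assumptions.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
// Added example: class, method and field names are assumptions, not the tool's code.
public class ThresholdAlerts {
    private final double thresholdPct;      // alert threshold from Settings (default 80)
    private final Duration cooldown;        // assumed: minimum gap between repeats of one alert
    private final Map<String, Instant> lastFired = new HashMap<>();

    public ThresholdAlerts(double thresholdPct, Duration cooldown) {
        this.thresholdPct = thresholdPct;
        this.cooldown = cooldown;
    }

    // Bandwidth % = (current x 100) / maximum; both values in Mbps.
    static double bandwidthPct(double currentMbps, double maxMbps) {
        if (maxMbps <= 0) throw new IllegalArgumentException("maximum bandwidth not set in Settings");
        return currentMbps * 100.0 / maxMbps;
    }

    // Usage % = ((total - free) x 100) / total; used for RAM and hard disk.
    static double usagePct(long totalBytes, long freeBytes) {
        if (totalBytes <= 0 || freeBytes < 0 || freeBytes > totalBytes)
            throw new IllegalArgumentException("implausible resource figures");
        return (totalBytes - freeBytes) * 100.0 / totalBytes;
    }

    // Returns one alert-log line when the threshold is reached and the same
    // source has not alerted within the cooldown; otherwise returns empty.
    Optional<String> check(String source, double pct, Instant now) {
        if (pct < thresholdPct) { lastFired.remove(source); return Optional.empty(); }
        Instant last = lastFired.get(source);
        if (last != null && Duration.between(last, now).compareTo(cooldown) < 0) return Optional.empty();
        lastFired.put(source, now);
        // Client-reported names arrive over TCP: replace control characters so one
        // alert message cannot forge extra lines in the alert log.
        String safe = source.replaceAll("\\p{Cntrl}", " ");
        return Optional.of(String.format("%s\t%s at %.1f%% (threshold %.0f%%)", now, safe, pct, thresholdPct));
    }

    public static void main(String[] args) {
        ThresholdAlerts alerts = new ThresholdAlerts(80, Duration.ofMinutes(10));
        Instant t0 = Instant.parse("2024-01-01T10:00:00Z");   // constructed sample data
        System.out.println(alerts.check("download", bandwidthPct(8.5, 10), t0));
        System.out.println(alerts.check("download", bandwidthPct(9.0, 10), t0.plusSeconds(60)));
        System.out.println(alerts.check("pc-07 RAM", usagePct(8_000_000_000L, 1_000_000_000L), t0));
    }
}
```

Dropping back below the threshold clears the cooldown for that source, so the next crossing alerts immediately.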

For email alerts, the tool has a predefined email address. The system user can use this email address or update the settings with their own email address and password. Currently, the tool supports the Gmail SMTP server, so the user needs to use a Gmail email address.
Settings are saved in a separate .dat file named settings.dat. In the settings, the user needs to provide:

  • Network Address
  • Maximum download and upload bandwidth in Mbps
  • Alert threshold as a percentage
  • NetFlow source IP
  • NetFlow server port
  • Bandwidth data record time in seconds
  • System email address
  • The password of the system email address
  • The email address of the system administrator, to which email alerts are sent.

Problems, Limitations and Solutions

When the author set up the email alert system using the Gmail SMTP server, it failed with the error “javax.mail.MessagingException: Can’t send command to SMTP host”. The reason for the error was the Gmail account protection. The problem was resolved by turning on the “Access for less secure apps” option located at https://www.google.com/settings/security/lesssecureapps

[Screenshot: Access for less secure apps]

Possible Future Developments

The following future increments are possible.

  • Use your own SMTP server for email alerts. Because this tool is for small businesses, the Gmail SMTP server is acceptable, and it is also free of charge. But the Gmail SMTP server has some limitations, such as the daily email limit. Using your own SMTP server avoids these problems. To do that, the code of the tool must be changed to suit the local SMTP server.
  • Use SMS alerting for the alert system. Adding an SMS gateway to the system can do this task, which costs some money.
