Table of Contents
This section contains information on advanced topics, which many users will not be concerned about.
Some custom sFlowTrend-Pro server configuration is possible through the sFlowTrend-Pro properties file. Modifying this is only recommended for advanced users. The file must be edited using a standard text editor, and sFlowTrend-Pro service must be restarted before any of the changes will take effect. Changes to the configuration will affect all users using the server.
The properties file is called
and it is located in the sFlowTrend-Pro home directory (which can be
identified through the sFlowTrend-Pro
menu, General tab, File location).
file does not exist in the directory, then create the file first.
The file is organized as a series of lines, where each line
is of the form:
propertyName = value
database.hoursPersistent = 336
would change the number of hours of data stored in the database to 336 (2 weeks). Note that all properties and values must be entered exactly as specified. Some of the properties that can be modified using the properties file are:
true. In this case, sFlowTrend-Pro will automatically enable and start collecting data from the first
nswitches that it receives unsolicited (command line configured) sFlow from, where
nis the maximum number of switches allowed by the software license. To control manually which switches are enabled, set this value to
If sFlowTrend-Pro is using SNMP to configure the switches to send sFlow, sFlowTrend-Pro will use this value to configure the sampling rate for all interfaces of the given ifSpeed. The default values are:
sflowtrend.samplingRate.medium = 512 sflowtrend.samplingRate.10.medium = 128 sflowtrend.samplingRate.100.medium = 256 sflowtrend.samplingRate.1000.medium = 512 sflowtrend.samplingRate.10000.medium = 1024
sflowtrend.samplingRate.100.medium = 256
tells sFlowTrend-Pro to configure all interfaces with an
ifSpeed of 100 Mb/s with a sampling rate of
1 in 256. The value for
is used by sFlowTrend-Pro when configuring an interface with
an ifSpeed for which a sampling rate has not been
specified. For example, with the default sampling rate
settings, a 4 Gb/s trunk would
be configured with a sampling rate of 1 in 512.
You can specify sampling rates for other ifSpeeds. For example
sflowtrend.samplingRate.8000.medium = 1024
tells sFlowTrend-Pro to configure all interfaces, with an ifSpeed of 8 Gb/s, with a sampling rate of 1 in 1024.
false. In this case, if sFlowTrend-Pro is using SNMP to configure the switches to send sFlow, and finds that a switch has already been configured by another application and there are no unclaimed receiver entries on the switch, then sFlowTrend-Pro will not configure the switch. In this case sFlowTrend-Pro will show the switch status as Already in use. If the value for this setting is
trueand there are no unclaimed receiver entries on the switch, then sFlowTrend-Pro will overwrite the first receiver entry forcibly claim it.
sflowtrend.natReceiverAddress = 10.1.2.3:7070or for a NAT device with a public IPv6 address of sflowtrend.natReceiverAddress = 2001:df8:3c5d:15:1a36:3ecd:dc72:ef7e and a forwarded sFlow port of 7575
[2001:df8:3c5d:15:1a36:3ecd:dc72:ef7e]:7575Note that you must also choose this address as the collector address, see Section 13.2.2, “sFlow configuration”
8087. If this is changed, then a client connecting to the server must also use the new value. For example, if the port is changed to
8088, then point a web browser at
false, which means that the server web server can respond to requests from any client. If you want to disallow clients other than the system that is running the server from connecting to the server, then set this property to
true. By default, the setting is
false. When set to
true, there are two effects:
Strict-Transport-Securityhttp header added, which causes subsequent requests from the browser to always use https, even if no protocol was specified in the URL.
8443. If this is changed, then a client connecting to the server must also use the new value. For example, if the port is changed to
8444, then point a web browser at
Specifies cipher suites that are to be removed from those supported by the https web server. This setting can be used to remove insecure cipher suites. Cipher suites must be specified as a comma separated list, using standard Java naming. If this setting is used, then the default cipher suites to be removed will be overridden, so these defaults must be specified explicitly if it is desired to continue to remove them.
The current default cipher suites to remove are:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_SHA TLS_ECDH_ECDSA_WITH_RC4_128_SHA TLS_ECDH_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5