Overview

Datadog Network Device Monitoring (NDM) provides visibility into your on-premises and virtual network devices, such as routers, switches, and firewalls. As a part of NDM, NetFlow Monitoring enables you to examine, interpret, and analyze your network traffic flow data over time, and identify top contributors to network congestion.

After enabling NetFlow Monitoring, you can create a NetFlow monitor to alert you when a flow metric (such as network throughput for a specific source or destination pair) crosses a threshold that you have set.

Monitor creation

To create a NetFlow monitor in Datadog, use the main navigation: Monitors –> New Monitor –> NetFlow.

Define the search query

As you define the search query, the top graph updates in real time.

1. Construct a search query using the same logic as the NetFlow widgets in your dashboards.
2. Select if you want to alert on bytes or packets for traffic.
3. Choose the tags you want to filter the alerted traffic by. See the full list of available facets.

Using formulas and functions

You can create NetFlow monitors using formulas and functions. This can be used, for example, to create monitors on the volume of traffic sent by source and device.

For more information, see the Functions documentation.

Set alert conditions

Configure monitors to trigger if the query value crosses a threshold, and customize advanced alert options for recovery thresholds and evaluation delays. For more information, see Configure Monitors.

Notifications

For detailed instructions on the Say what’s happening and Notify your team sections, see the Notifications page.

Monitor NetFlow events

For more information about events you can create NetFlow monitors on, see the NetFlow Monitoring documentation.

Further Reading

Additional helpful documentation, links, and articles:

Learn more about NetFlow MonitoringDOCUMENTATION Configure your monitor notificationsDOCUMENTATION Schedule a downtime to mute a monitorDOCUMENTATION Check your monitor statusDOCUMENTATION