|
|
|
NetFlow Listener display results
|
|
Applies to:
|
Packettrap 360
|
|
NetFlow Listener display results
Panel View
The left hand pane displays the NetFlow data organized into a panel view. The panels are divided into sections which include:
* Applications - Selecting [well known] applications will divide traffic into such well known applications as ECHO, HTTP, HTTPS, NTP, rtip, SMTP, SNMP, Telnet and others. Selecting [Other] will display traffic of unknown applications divided by the port that the application is using.
* Conversations - This context view will show the talking (traffic) between two nodes. You may see multiple ‘conversations’ from an IP in the ‘Source IP’ column to various ‘Destination IPs’.
* Domains - These of course are the domains with which the NetFlow device is interacting. Selecting one of these domains will display traffic occurring on that domain.
* Endpoints - are nodes (devices). Selecting this view will list all of the nodes talking to the NetFlow device (router). The top user in terms of bandwidth will appear at the top by default. You can also click on ‘KB’ column to sort and find the top user in terms of bandwidth. The pie chart also shows the top user. It’s the biggest slice of the pie.
* Protocols - NetFlow listener displays traffic for the following protocols: TCP, UDP and ICMP.
Selecting any item in the panel view will display the corresponding NetFlow data in the other two panes.
Charts
The top center pane displays the Netflow data in one of two forms, a pie chart or area chart. The type of chart that appears depends on what is selected in the tree view pane.
List View
The bottom center pane displays the NetFlow data as a list. It includes colums which also correspond to whatever is selected in the left pane.
|
|
|
|
|