Flow Tags
Flow tags are labels that are applied to flow data, based on user-defined criteria and are activated as Netography ingests the data into the platform.
The required fields are the Rule Name for specifying your desired Flow Tag name, and Tags to assign to every flow from your target device or resource. You can click the ADD FLOW TAG to start adding Flow tags.
The following user-defined criteria is supported when configuring your Flow Tags:
Transport
Transport criteria in Netography Fusion are defined as protocol related rule conditions.
| Transport criteria | Description |
|---|---|
| Protocol | Match against protocol of a given flow record. |
| TCP Flags | Integer representing which tcpflags were set in the flow record. Values between 0-255 are valid. 0 will explicitly match flows where no flags are set. Leave empty for all flows. |
Interface
Interface criteria are conditions related to the traffic across an interface.
| Interface criteria | Description |
|---|---|
| Input Alias | A regular expression that matches against inputalias of a given flow record. |
| Input Name | A regular expression that matches against inputname of a given flow record. |
| Output Alias | A regular expression that matches against outputalias of a given flow record. |
| Output Name | A regular expression that matches against outputname of a given flow record. |
Source
The source criteria are conditions related to the source traffic.
| Source criteria | Description |
|---|---|
| Source ASNs | List of Autonomous System Numbers (ASN) to match against srcas.number for a given flow record. |
| Source CIDRs | List of CIDR blocks to match against srcip for a given flow record. |
| Source IP ASNs | List of Autonomous System Numbers (ASN) to match against srcowneras.number for a given flow record. |
| Source Port | Source port to match against srcport for a given flow. |
Destination
The destination criteria are conditions related to the destination traffic.
| Destination criteria | Description |
|---|---|
| Destination ASNs | List of Autonomous System Numbers (ASN) to match against dstas.number for a given flow record. |
| Destination CIDRs | List of CIDR blocks to match against dstip for a given flow record. |
| Destination IP ASNs | List of Autonomous System Numbers (ASN) to match against dstowneras.number for a given flow record. |
| Destination Port | Destination port to match against dstport for a given flow. |
Updated 7 months ago