Traffic Overview

Overview

Purpose: The Traffic Overview dashboard provides insights into network traffic patterns, including bitrate, packet rate, flow rate, protocol and port distributions, and TCP flag usage. This dashboard helps network administrators monitor overall traffic, analyze source and destination data, and detect unusual patterns in real time.

Components: The dashboard includes the following visualizations:

  • Bitrate
  • Packets Rate
  • Flow Rate
  • Flow Spiral
  • Source IP Cardinality
  • Site
  • Source Country
  • Protocol Breakdown
  • Port Breakdown
  • TCP Flag Distribution

Getting Here

  1. From the main menu, go to Dashboards > All.
  2. Select the System tab from the top navigation.
  3. Click on Traffic Overview.

Main Points

Usage Scenarios: This dashboard is ideal for monitoring traffic flow, analyzing protocol and port usage, and tracking the distribution of TCP flags. It assists network administrators in identifying bandwidth usage patterns, understanding traffic sources, and detecting anomalies.

Best Practices: Regularly review the bitrate, flow rate, and packet rate to track bandwidth and detect traffic spikes. Use the protocol and port breakdown to understand the composition of traffic, and monitor TCP flag distribution for insights into session behavior.

Charts

Bitrate

Description: A line chart displaying network bitrate over time.

Key Elements:

  • X-axis: Time.
  • Y-axis: Bitrate in Gbps.

Usage: Use this chart to monitor network throughput and detect fluctuations that may indicate changes in network load or potential issues.

Packets Rate

Description: A line chart showing the rate of packets transmitted over time.

Key Elements:

  • X-axis: Time.
  • Y-axis: Packets per second (pps).

Usage: Helps in tracking the packet transmission rate, which can provide insights into network activity and load.

Flow Rate

Description: A line chart representing the flow rate in the network.

Key Elements:

  • X-axis: Time.
  • Y-axis: Flow rate in flows per second (fps).

Usage: Useful for observing changes in the number of flows, which may indicate network events or traffic surges.

Flow Spiral

Description: A spiral chart visualizing traffic flow patterns over time.

Key Elements:

  • Spiral Rings: Each ring represents a time slice.
  • Color Coding: Indicates traffic volume in different time segments.

Usage: Helps in identifying recurring patterns or irregularities in traffic over a 24-hour period.

Source IP Cardinality

Description: A line chart showing the number of unique source IPs over time.

Key Elements:

  • X-axis: Time.
  • Y-axis: Unique source IP count.

Usage: Monitors IP diversity, which can indicate the variety of traffic sources in the network.

Site

Description: A line chart displaying traffic from different sites over time.

Key Elements:

  • X-axis: Time.
  • Y-axis: Bitrate in Gbps.

Usage: Useful for monitoring traffic by site, allowing administrators to track network load across different locations.

Source Country

Description: A line chart showing traffic volume from various countries over time.

Key Elements:

  • X-axis: Time.
  • Y-axis: Bitrate in Gbps.
  • Country Labels: Indicate the source countries.

Usage: Helps in identifying the geographic origins of traffic, which may be relevant for security monitoring and compliance.

Protocol Breakdown

Description: A bar chart showing the distribution of traffic by protocol.

Key Elements:

  • Bars: Each bar represents a protocol (e.g., TCP, UDP, ICMP), with length indicating traffic volume.

Usage: Useful for understanding the protocol composition of network traffic, which can aid in troubleshooting and performance analysis.

Port Breakdown

Description: A bar chart showing the distribution of traffic by port.

Key Elements:

  • Bars: Each bar represents a port, with length indicating traffic volume.

Usage: Provides insights into frequently used ports, helping in identifying popular services and potential attack targets.

TCP Flag Distribution

Description: A scatter plot displaying the distribution of TCP flags over time.

Key Elements:

  • X-axis: Time.
  • Y-axis: Flag type.
  • Points: Each point represents a TCP flag (e.g., ACK, SYN, FIN).

Usage: Useful for analyzing session behavior and identifying unusual patterns in TCP flags that may indicate network issues or scanning activity.

Interpreting the Data

Traffic Load: The Bitrate, Packets Rate, and Flow Rate charts provide insights into the network load and can help identify periods of high traffic.

Protocol and Port Usage: The Protocol Breakdown and Port Breakdown charts reveal the distribution of traffic by protocol and port, which is useful for understanding network composition and spotting anomalies.

Geographic and Source Diversity: The Source Country and Source IP Cardinality charts help track the diversity of traffic origins, supporting security and compliance monitoring.

TCP Session Analysis: The TCP Flag Distribution chart provides a granular view of TCP flag usage, which can help detect session-related issues or abnormal traffic patterns.
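
The following is an added example, not code from the product: it derives the dashboard's load, source-cardinality, and TCP-flag metrics from flow records and shows why the charts are read together (flow rate and source count jump while bitrate falls). The record layout, the sample flows, and both thresholds are assumptions made for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample flow records (illustrative, not product output):
# (start_s, src_ip, dst_port, proto, tcp_flags, packets, bytes)
FLOWS = [
    (0, "10.0.0.5", 443, "TCP", "SYN|ACK|FIN", 40, 52000),
    (12, "10.0.0.6", 443, "TCP", "SYN|ACK|FIN", 35, 41000),
    (30, "10.0.0.5", 53, "UDP", "", 2, 180),
    (61, "10.0.0.5", 443, "TCP", "SYN|ACK|FIN", 38, 47000),
    # Second minute: 40 distinct sources, each a single SYN-only packet
] + [(60 + i, f"198.51.100.{i}", 1000 + i, "TCP", "SYN", 1, 60) for i in range(1, 41)]

def summarize(flows, bucket_s=60):
    """Aggregate flows into per-bucket metrics mirroring the dashboard's charts."""
    buckets = defaultdict(lambda: {"bytes": 0, "packets": 0, "flows": 0,
                                   "sources": set(), "flags": Counter()})
    for start, src, _port, proto, flags, pkts, nbytes in flows:
        b = buckets[start // bucket_s]
        b["bytes"] += nbytes
        b["packets"] += pkts
        b["flows"] += 1
        b["sources"].add(src)
        if proto == "TCP":
            b["flags"][flags] += 1  # count flows by their flag combination
    out = {}
    for idx, b in sorted(buckets.items()):
        tcp = sum(b["flags"].values())
        out[idx] = {
            "bps": b["bytes"] * 8 / bucket_s,       # Bitrate
            "pps": b["packets"] / bucket_s,         # Packets Rate
            "fps": b["flows"] / bucket_s,           # Flow Rate
            "src_cardinality": len(b["sources"]),   # Source IP Cardinality
            "syn_only_ratio": b["flags"]["SYN"] / tcp if tcp else 0.0,
        }
    return out

def flag_anomalies(summary, syn_ratio=0.8, cardinality_factor=5):
    """Flag buckets where SYN-only flows dominate and sources jump vs. the prior bucket."""
    alerts, prev = [], None
    for idx, m in summary.items():
        if (prev and m["syn_only_ratio"] >= syn_ratio
                and m["src_cardinality"] >= cardinality_factor * prev["src_cardinality"]):
            alerts.append(idx)
        prev = m
    return alerts

if __name__ == "__main__":
    print(flag_anomalies(summarize(FLOWS)))
```

In the sample data the second minute carries fewer bits than the first, so the Bitrate chart alone would not surface it; the Flow Rate, Source IP Cardinality, and TCP Flag Distribution views do.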

Additional Features

Metric Selection: Users can select specific metrics, such as bitrate, to customize the view for different aspects of network traffic.

Time Range: The dashboard allows users to adjust the time range, facilitating a detailed analysis of recent or historical traffic data.

Interactive Elements: The SYNC HOVER feature enables synchronized analysis across charts, providing a cohesive view of related metrics and patterns.