Live filtering of tables
Multiple measuring statistics show all entries in tables with different columns for all measured values, which can be sorted individually.
Since often there are a lot of entries, the Allegro Network Multimeter allows for filtering those tables to quickly find the relevant information.
All search text areas show a hint about for what kind of information the table can be filtered. Once entered, the table is updated immediately while still updating the measured values for the visible entries.
This live filtering allows for viewing live data only for the entries that are currently important for the investigation of a network problem.
Single word matching
It is always possible the enter a single word for filtering.
In this case the Allegro Network Multimeter will match any possible field for the given text.
For instance, in the IP statistics, the IP will be matched if an number representation is entered, possibly with a subnet mask length (22.214.171.124/8).
The known list of alternative names are also matched so it is possible to enter a host name and the list will show only those entries which contain the string in there DHCP name, DNS name, HTTP name, or any other name field.
Complex filter expressions
Some tables allow for using more complex expressions for flexible live filtering.
If filter expressions are supported, the hint text in the search area indicates that by telling that the entered string must start with an open parenthesis (.
In this mode it is possible to enter expressions in the form of keyword == value.
The keyword depends on the actual context of the search field, often name, ip, or packets is possible.
The web interface will give hints about all possible keywords in the current context which usually directly correlate with the available columns.
Also, the comparison operator can be == or != for equal or unequal compare, but for numbers <, >=, etc can be used too.
Multiple expressions can be combined with boolean operators and or or (or equivalent && / ||). Also, parentheses can be used to enter even more complex expressions.
- Show all IPs with at least 100 packets, that have been active within the last minute:
(packets > 100 and lasttime < 60)
- Show all IPs that showed up not more than 24 hours ago and have an associated name of alice or bob:
( (firsttime < 86400 and ( name == alice or name == bob ))
- 86400 is the number of seconds in 24 hours (24 * 60 * 60)
- It is possible to enter values in quotes if they contain reserved characters used for the expressions (<,=,&,(, etc).
- Under the search text area, the interface will show all valid values for the last element entered in the expression.
- A green check mark indicates if the entered expression has been successfully parsed.
The available keywords vary depending on the web interface section.
The web interface will always show the available keywords in the specific context. The following table contains all keywords:
|name||any name information (DNS,DHCP,SSL,HTTP,custom names, etc)|
|category||the category of a custom name|
|ip||the IP address of the client or server side|
|ipgroup||the name(s) of the matching IP groups if configured|
|clientip||the IP address of the client|
|serverip||the IP address of the server|
|packets||the number packets (receive and transmitted combined)|
|rxpackets||the number of received packets|
|txpackets||the number of transmitted packets|
|clientpackets||the number of packets sent by the client|
|serverpackets||the number of packets sent by the server|
|bytes||the number of bytes (receive and transmitted combined)|
|rxbytes||the number of received bytes|
|txbytes||the number of transmitted bytes|
|clientbytes||the number of bytes sent by the client|
|serverbytes||the number of bytes sent by the server|
|pps||the packets per second value|
|bps||the bits per second value|
|firsttime||the time of the first activity|
|lasttime||the time of the last activity|
|tcppackets||the number of TCP packets (receive and transmitted combined)|
|udppackets||the number of UDP packets (receive and transmitted combined)|
|tcppayload||the amount of bytes processed as TCP payload|
|tcpRetrans||the amount of payload bytes retransmitted|
|tcpRetransRx||the amount of received payload bytes retransmitted|
|tcpRetransTx||the amount of transmitted payload bytes retransmitted|
|tcpRetransClient||the amount of client payload bytes retransmitted|
|tcpRetransServer||the amount of server payload bytes retransmitted|
|mac||the MAC address of the client or server|
|port||the layer 4 port of the client or server (a number or range)|
|clientport||the layer 4 port of the client|
|serverport||the layer 4 port of the server|
|l4protocol||the layer 4 protocol name (tcp, udp, icmp, etc)|
|l7protocol||the layer 7 protocol name (http, dns, etc)|
|tcpend||the ending reason of a TCP connection (open, fin, rst, timeout)|
|tcpstate||the state of a TCP connection (valid, invalid, unknown)|
|tcpclienthandshake||the TCP handshake time in milliseconds for the client (time to answer the server's syn packet)|
|tcpserverhandshake||the TCP handshake time in milliseconds for the server (time to answer the client's syn packet)|
|tcpdataresponse||the max TCP data response time in milliseconds of the connection (any direction)|
|httpresponse||the HTTP response time for a request|
|httpstatus||the HTTP status code of the response|
|sslhandshake||the SSL handshake time (time for the server to answer the SSL setup)|
|packetratio||the client/server packet ratio as a floating point number|
|vlan||the VLAN tag (a tag or 'none'), both outer and inner VLAN will be considered|
|outervlan||the outer VLAN tag (a tag or 'none')|
|innervlan||the inner VLAN tag (a tag or 'none')|
|interface||the interface ID (a number or a range)|
|validconnections||the number of valid TCP connections|
|invalidconnections||the number of invalid TCP connections|
|profinetFrameId||the number of a Profinet frame ID|
|minCallerJitter||the minimum jitter of the caller as a floating point number|
|avgCallerJitter||the average jitter of the caller as a floating point number|
|maxCallerJitter||the maximum jitter of the caller as a floating point number|
|minCalleeJitter||the minimum jitter of the callee as a floating point number|
|avgCalleeJitter||the average jitter of the callee as a floating point number|
|maxCalleeJitter||the maximum jitter of the callee as a floating point number|
|minJitter||the minimum jitter of the caller or callee as a floating point number|
|avgJitter||the average jitter of the caller or callee as a floating point number|
|maxJitter||the maximum jitter of the caller or callee as a floating point number|
|minCallerMos||the minimum MOS of the caller as a floating point number|
|avgCallerMos||the average MOS of the caller as a floating point number|
|maxCallerMos||the maximum MOS of the caller as a floating point number|
|minCalleeMos||the minimum MOS of the callee as a floating point number|
|avgCalleeMos||the average MOS of the callee as a floating point number|
|maxCalleeMos||the maximum MOS of the callee as a floating point number|
|minMos||the minimum MOS of the caller or callee as a floating point number|
|avgMos||the average MOS of the caller or callee as a floating point number|
|maxMos||the maximum MOS of the caller or callee as a floating point number|
|statusCode||the number of a status code|
|mpls||the MPLS label (a label or 'none'), both outer and inner MPLS label will be considered|
|outermpls||the outer MPLS label (a label or 'none')|
|innermpls||the inner MPLS label (a label or 'none')|
|qos||Filter for presence or absence of QoS. May be 'any' or 'none'.|
|qosIpDscp||the DSCP value in the IP header|
|qosMplsTc||the traffic class value in the outermost MPLS label stack entry|
|qosVlanPcp||the priority code point in the outermost VLAN tag|
|usedCipherSuite||the negotiated SSL/TLS cipher suite name|
|pppoeSessionId||the PPPoE session ID (in hexadecimal or decimal representation)|
|mtu||the MTU value in bytes|
|rxMtu||the MTU value of the RX direction in bytes|
|txMtu||the MTU value of the TX direction in bytes|
|clientMtu||the MTU value of the sent direction of the client in bytes|
|serverMtu||the MTU value of the sent direction of the server in bytes|
|callId||the string value of a SIP call ID or similar identifier (e.g. P-Palladion-ID)|
|dnsresponse||the DNS response time (for DNS connections)|
|dnsstatus||matches DNS response status (either a DNS reply code, e.g, 0 for success, or noanswer for unanswered DNS connections|
|dnsname||the requested DNS name|
|callerRtpPacketLoss||the amount of lost packets of the RTP flow of the caller|
|calleeRtpPacketLoss||the amount of lost packets of the RTP flow of the callee|
|rtpPacketLoss||the amount of lost packets of the RTP flow of the caller or callee|
|callerRtpPayloadType||the payload type of the RTP flow of the caller as a string, will match also parts of the name e.g. G.711|
|calleeRtpPayloadType||the payload type of the RTP flow of the callee as a string, will match also parts of the name e.g. G.711|
|rtpPayloadType||the payload type of the RTP flow of the caller or callee as a string, will match also parts of the name e.g. G.711|
|duration||the duration of a connection or a SIP call, amount of seconds|
|sipQos||Filter for presence or absence of QoS in SIP calls. May be 'any' or 'none'.|
|sipQosIpDscp||the DSCP value in the IP header of SIP packets|
|sipQosMplsTc||the traffic class value in the outermost MPLS label stack entry of SIP packets|
|sipQosVlanPcp||the priority code point in the outermost VLAN tag of SIP packets|
|rtpQos||Filter for presence or absence of QoS in RTP streams. May be 'any' or 'none'.|
|rtpQosIpDscp||the DSCP value in the IP header of RTP packets|
|rtpQosMplsTc||the traffic class value in the outermost MPLS label stack entry of RTP packets|
|rtpQosVlanPcp||the priority code point in the outermost VLAN tag of RTP packets|
|tcpZeroWindow||the number of TCP zero window packets|
|tcpZeroWindowRx||the number of TCP zero window packets in RX direction|
|tcpZeroWindowTx||the number of TCP zero window packets in TX direction|
|tcpZeroWindowClient||the number of TCP zero window packets of the client|
|tcpZeroWindowServer||the number of TCP zero window packets of the server|
|tcpWindowSize||the value of the announced TCP window size in bytes|
|tcpWindowSizeClient||the value of the announced TCP window size of the client in bytes|
|tcpWindowSizeServer||the value of the announced TCP window size of the server in bytes|
|tcpUsedWindowSize||the value of the actual used TCP window in bytes|
|tcpUsedWindowSizeClient||the value of the actual used TCP window of the client in bytes|
|tcpUsedWindowSizeServer||the value of the actual used TCP window of the server in bytes|
|tcpSyn||the number of TCP SYN packets|
|tcpSynClient||the number of TCP SYN packets of the client|
|tcpSynServer||the number of TCP SYN packets of the server|
|tcpSynAck||the number of TCP SYN-ACK packets|
|tcpSynAckClient||the number of TCP SYN-ACK packets of the client|
|tcpSynAckServer||the number of TCP SYN-ACK packets of the server|
|tcpRst||the number of TCP RST packets|
|tcpRstClient||the number of TCP RST packets of the client|
|tcpRstServer||the number of TCP RST packets of the server|
|tcpFin||the number of TCP FIN packets|
|tcpFinClient||the number of TCP FIN packets of the client|
|tcpFinServer||the number of TCP FIN packets of the server|