Allegro Network Multimeter Manual

Reports: Difference between revisions

Page Discussion

Reports (view source)

Revision as of 10:50, 9 April 2020

36 bytes added ,  9 April 2020
no edit summary
No edit summary
No edit summary
Line 18: Line 18:


The first section shows a list of all VLANs that have been activity during the report interval.  
The first section shows a list of all VLANs that have been activity during the report interval.  
The table shows the amount of MAC addresses and IP addresses and the total amount of traffic happened.  
The table shows the amount of MAC addresses and IP addresses and the total amount of traffic happened.  


Also, a graphic graph is shown.  Q-in-Q VLAN tags are also shown if applicable.
Also, a graphic graph is shown.  Q-in-Q VLAN tags are also shown if applicable.


The second section shows more information for each VLAN seen. It
The second section shows more information for each VLAN seen.
prints the number of MAC addresses, IPv4, and IPv6
 
addresses. Additionally, for each private IPv4 network, the number of
It prints the number of MAC addresses, IPv4, and IPv6 addresses.  
active IP addresses is shown as well.
 
Additionally, for each private IPv4 network, the number of active IP addresses is shown as well.


All DHCP servers in the VLAN segment is show as well as all DNS servers.
All DHCP servers in the VLAN segment is show as well as all DNS servers.
Line 31: Line 33:
Based on a passive estimation the router MAC addresses are shown.
Based on a passive estimation the router MAC addresses are shown.


Finally, all NIC vendors are listed with the number of devices active
Finally, all NIC vendors are listed with the number of devices active for each vendor.
for each vendor.




====Top protocols====
====Top protocols====
The second component gives an overview about the kind of traffic used in the network the most.
It shows the top network protocols used in the report time window, together with the top users and their peers.
For each of the top protocols, the amount of traffic is shown as well as a graph.


The second component gives an overview about the kind of traffic used
Next, the top users for each protocol is shown.  
in the network the most. It shows the top network protocols used in
the report time window, together with the top users and their peers.


For each of the top protocols, the amount of traffic is shown as well
For each network subscriber, the IP and available name information are listed.
as a graph.


Next, the top users for each protocol is shown. For each network
The amount of traffic for the specific user is listed as well as a graph for the time period.
subscriber, the IP and available name information are listed. The
amount of traffic for the specific user is listed as well as a graph
for the time period.


Additionally, the top peer IPs are shown in a table listing what
Additionally, the top peer IPs are shown in a table listing what computers the top subscriber has been contacted and the corresponding amount of traffic.
computers the top subscriber has been contacted and the corresponding
amount of traffic.




=====Configuration variables =====
=====Configuration variables =====
This report component can be configured about the number of top
This report component can be configured about the number of top protocols, the number of top users, and the number of top peers to beused for the report.  
protocols, the number of top users, and the number of top peers to be
 
used for the report. These settings can be chosen when issuing new
These settings can be chosen when issuing new reports or configuring a scheduled report.
reports or configuring a scheduled report.




==== Top connections====
==== Top connections====
The third component shows the top connections in the report time
The third component shows the top connections in the report time window.  
window. It lists the connections with the most throughput in the
 
report time window.
It lists the connections with the most throughput in the report time window.
 
The information contain the names of both communication partners and the layer 7 protocol.
 
The output contains when the connection has been started and when the last activity has been.
 
For easier reading, the output also contains the start time in relation to the report start time and the end time in relation to the report end time.
 
Finally, a graph over the whole report time is shown.


The information contain the names of both communication partners and
the layer 7 protocol. The output contains when the connection has been
started and when the last activity has been. For easier reading, the
output also contains the start time in relation to the report start
time and the end time in relation to the report end time. Finally, a
graph over the whole report time is shown.


===== Configuration variables=====
===== Configuration variables=====
This report component can be configured about the number of top
This report component can be configured about the number of top connections to be used for the report. This setting can be chosen when issuing new reports or configuring a scheduled report.
connections to be used for the report. This setting can be chosen when
issuing new reports or configuring a scheduled report.




==== Top IP/ports====
==== Top IP/ports====
This component shows the top IP/port pairs grouped by IP address and sorted by traffic in the report time window. It lists the IP address, its port, layer 4 and layer 7 protocols and received and sent bytes.


This component shows the top IP/port pairs grouped by IP address and sorted by
The traffic sorting is performed globally.
traffic in the report time window. It lists the IP address, its port, layer 4
and layer 7 protocols and received and sent bytes. The traffic sorting is
performed globally.




Line 108: Line 103:


* Select port: The ports of the connection between two IPs can be configured. By default the port is used that belongs to the IP address that is shown in the table (own port). The port of the IP of the peer can be selected in the drop down box. With this setting a source address will be shown with its destination port and vice versa.
* Select port: The ports of the connection between two IPs can be configured. By default the port is used that belongs to the IP address that is shown in the table (own port). The port of the IP of the peer can be selected in the drop down box. With this setting a source address will be shown with its destination port and vice versa.
Consider the following connections as an example:
Consider the following connections as an example:


Line 118: Line 114:


When own port is chosen, the report will show 12.34.56.78:80 with the aggregated traffic counters of all three connections. With this setting the most used  IP/ports in the network are shown.
When own port is chosen, the report will show 12.34.56.78:80 with the aggregated traffic counters of all three connections. With this setting the most used  IP/ports in the network are shown.
When port of peer is chosen, the report will show 12.34.56.78:65432 and 12.24.56.78:63111.  
When port of peer is chosen, the report will show 12.34.56.78:65432 and 12.24.56.78:63111.  
The connections will be aggregated if own IP address and port of the peer are the same. With this setting you can find out e.g. the most used client ports for a certain server.
The connections will be aggregated if own IP address and port of the peer are the same. With this setting you can find out e.g. the most used client ports for a certain server.
{|
|-
|
|}




Soumar
1,775

edits

Retrieved from "https://allegro-packets.com/wiki/Special:MobileDiff/1273"