Observer GigaFlow

Documentation

Table of Contents

Observer GigaFlow Documentation

Documentation > Appendices > Forensic Report Types > All Fields Avg FPR

All Fields Avg FPR

Table Query: select firstseen,duration,cast( spare as integer) as fpr,device,customerid as tgsrc,engineid as tgdst,srcadd,dstadd,srcport,dstport,appid,nexthop,srcmac,dstmac,inif,outif,pkts,bytes*8 as bits,flags,proto,tos,srcas,dstas from netflow WHERECLAUSE and spare>0 ORDERBY LIMITROW
Table Value Field: firstseen
Graph Query: select FIRSTSEEN as afirstseen,cast( avg(spare) as integer) as maxfpr from netflow WHERECLAUSE and spare >0 group by afirstseen order by afirstseen
Graph Time Field: afirstseen
Graph Value Field: maxfpr
Graph Key Field(s) separated by __: