Observer GigaFlow

Documentation

Table of Contents

Observer GigaFlow Documentation

Documentation > Appendices > Forensic Report Types > ASs by Dst

ASs by Dst

Table Query: select srcadd as srcadd,dstadd as dstadd,appid as appid, cast((sum(bytes)*8) as bigint) as bits_total from netflow WHERECLAUSE group by srcadd,dstadd,appid ORDERBY LIMITROW
Table Value Field:
Graph Query: select FIRSTSEEN as afirstseen,srcadd as srcadd,dstadd as dstadd,appid as appid, cast(sum((bytes)*8)/(MODER/1000) as bigint) as bits_avgsec from netflow WHERECLAUSE group by afirstseen,srcadd,dstadd,appid order by srcadd,dstadd,appid,afirstseen
Graph Time Field:
Graph Value Field:
Graph Key Field(s) separated by __: srcas