Observer GigaFlow

Documentation

Table of Contents

Observer GigaFlow Documentation

Documentation > Reference Manual for GigaFlow > Dashboards > Device Overview

Device Overview

Located at Dashboards > Device Overview; there is also a unique Device Overview subpage for each infrastructure device.

From the Dashboards menu, the Device Overview option displays:

  • Busiest devices in the past hour.
  • Summary devices.

This information is also displayed in Performance Overview and in Server Overview. See Dashboards > Performance Overview > Top Devices (Last Hour v Last Week Hour) and Dashboards > Server Overview.

Device Overview Subpages

Click once on any infrastructure device IP address or interface in the tables and you will be taken to an overview report for that device or interface. You can access the same overview using GigaFlow's search function. Search for the IP address and in the main left-hand side table, click the Infrastructure Device name. In the right-hand side table, click Overview.

The overview for each infrastructure device includes graphs and tables with useful information. These include:

Device Details

This panel lists the most important device information, including:

  • IP address.
  • Display name.
  • SysName.
  • SysLocation.
  • SNMP status.
  • ARP entries.
  • CAM entries.
  • System description.

Attributes and Tools

You can add an Attribute, or alias, for network infrastructure by selecting from the interface Attributes drop down selector. See Configuration > Attributes for more on attributes. This panel lists attributes and useful tools associated with the selected device, including:

Attributes. See Configuration > Infrastructure Devices and click on any device for more.Links out to useful tools, including Forensics, ARPs, CAMs, Live Interfaces and Traffic Overview.Links to associated integrations. See System > Global for more about integrations.

Top 10 Applications This Hour

Figure: Visual from Device Overview subpage

The information is presented as a pie-chart. Each application can be queried by clicking the drill down icon for more.

This graph shows the top 10 ports/applications associated with this device in the past hour.

Top 10 Traffic Group Pairs This Hour

This graph shows the top 10 traffic group pairs associated with this device in the past hour.

Top 10 Source IPs This Hour

This graph shows the top 10 source IPs associated with this device in the past hour.

Top 10 Destination IPs This Hour

This graph shows the top 10 destination IPs associated with this device in the past hour.

Summary Devices

This graph shows the summary traffic volume information for this device (MB/s).

Summary Interfaces

This graph shows the summary interface traffic volume information for this device (MB/s).

Events Graph

A timeline of threat events associated with the device in the report period.

A table of all the interfaces associated with this device is displayed at the bottom of the page; the information presented includes:

All Interfaces CSV

  • The device name.
  • The ifIndex of the interface.
  • The name of the interface.
  • A description of the interface.
  • Any alias given by the local user.
  • The IP address associated with the interface.
  • The nominal inward flow rate (MB/s), defined by the user.
  • The nominal outward flow rate (MB/s), defined by the user.
  • The average inward flow rate as a percentage of the nominal inward flow rate.
  • The average inward flow rate (MB/s).
  • The maximum inward flow rate as a percentage of the nominal inward flow rate.
  • The maximum inward flow rate (MB/s).
  • The average outward flow rate as a percentage of the nominal outward flow rate.
  • The average inward flow rate (MB/s).
  • The maximum outward flow rate as a percentage of the nominal outward flow rate.
  • The maximum outward flow rate (MB/s).