Observer GigaFlow

Documentation

Table of Contents

Observer GigaFlow Documentation

Documentation > Appendices > Forensic Report Types > Duration Avg

Duration Avg

Table Query: select firstseen,duration,cast( spare as integer) as fpr,device,customerid as tgsrc,engineid as tgdst,srcadd,dstadd,srcport,dstport,appid,nexthop,srcmac,dstmac,inif,outif,pkts,bytes*8 as bits,flags,proto,tos,srcas,dstas from netflow WHERECLAUSE ORDERBY LIMITROW
Table Value Field: duration
Graph Query: select FIRSTSEEN as afirstseen,cast( avg(duration) as bigint) as avgduration from netflow WHERECLAUSE group by afirstseen order by afirstseen
Graph Time Field: afirstseen
Graph Value Field: avgduration
Graph Key Field(s) separated by __: