Motadata Docs

Flow Explorer

Flow explorer is a tool that enables you to graphically visualize the flow data for all the devices sending flow to Motadata AIOps server. Flow explorer provides consistent visibility into your network allowing you to judge essential infrastructural requirements, make business-driven decisions, and ensure efficient and cost-effective operations based on the network flow data presented to you.

Go to Menu, Select Flow Explorer . After that, Select Explorer. The Flow Explorer tool is now displayed.

How to use Flow explorer?

Let us consider an example to understand how to use the flow explorer.

Scenario

We have a flow forwarder device, 10.20.40.97 that sends flow details to the Motadata console. This device stores the flow details of source IPs in the range 192.168.0.1 – 192.168.0.5. These devices communicate with a wide range of destination IPs. They communicate via destination port 443 using the communication protocol TCP.

Now, let us see how we can visualize this information in flow explorer.

Steps to use Flow Explorer

Select the button to start.

A pop-up asking to enter the filter inputs is displayed. We then go ahead and enter the inputs as per our example:

  1. From the Select Monitor dropdown, select all the forwarder devices that sends the flow details to the Motadata AIOps server.

  1. From the Select Source option, select source.ip to display the IPs of all the source devices whose flow data is available in the forwarder device. As we already know, in our case, the source IPs are in the range of 192.168.0.1 – 192.168.0.5. There are many other options available except source.ip which you can use to create the filter as per your requirement.

  1. From the Select Destination option, select destination.ip and destination.port to display the IPs and destination ports of all the destinations which are communicating with our source devices. There are many other options available besides destination.ip and destination.port that you can use to create the filter as per your requirements.

  1. From the Select Other option, select protocol to display the protocol which the source and destination use to communicate with one another. There are many other options besides protocol that you can use to create the filter as per your requirement.

  1. From the Select Metric option, select packets to display the packets being sent from source to destination. There are many other options except packets that you can use to create the filter as per your requirement.

Select Apply Filter to create the Sankey chart representation of the flow data based on the inputs you selected.

Select Cancel if you do not wish to create the Sankey chart representation.

The Sankey chart representation in this case will be as follows:

You can also view the list of values for all the fields you selected to create the diagram. Each record in this list represents a link between the source and the destination in the diagram you created.

This list can be viewed below the Sankey diagram as seen in the following picture.

Actions available on the Flow Explorer

  • Refresh the flow data Select to refresh the flow data.
  • Take a screenshot of the dashboard Select to take a screenshot of the dashboard in its current state.
  • Change the time period of the flow data You can change the time period for which flow data is being shown on the flow explorer. Click present just above the diagram to do so.
  • Change the filter Select to change the fields you selected for creating the Sankey diagram initially.
  • Change the chart type You can change the graph used to represent the flow data. The Sankey chart is selected by default. Click on the dropdown Select Chart Type and select the chart as per your requirement.
  • Change the order of the nodes You can change the order of the nodes in the diagram to view the diagram as per your requirement. You can drag and drop the fields from the toolbar on the right side of the screen and rearrange them in the order you need.

How to send flow data for a device to the Flow explorer?

In order to view flow data of a device in flow explorer, the device must be configured to push the data to Motadata AIOps server. If you do not configure your device to send data, the Flow explorer is not able to populate the relevant flow data.

The device forwarding the flow data must be configured to send the data to port 2055 of your Motadata console.

Types of Flow supported in Motadata

  • sFlow
  • jFlow
  • NetFlow