Control
English
FrançaisEnglishPortuguês
English
FrançaisEnglishPortuguês
  • Control documentation
  • Detoxio documentation
  • API documentation
  • Guides
    • Glossary
    • Calculation of metrics
    • Help and support
    • Control+
    • First steps on Control
      • Create an account
      • Global search
  • Introduction
    • Home
    • Favorite devices
    • Device map
  • Devices
    • Dashboard
    • Dashboard of a device
      • Dashboard
        • Cyberweather
        • Metrics
        • Cybermap
      • Endpoints
      • Flow
      • Cleaner
      • Alerts
        • Advanced (beta)
      • Report
      • Settings
        • Global
        • Subnetworks
        • IP filtering
        • Local network
        • Information and statistics
        • Installation
    • Public IP address
      • Analyse
      • Affected devices
      • Reports
  • Gestion
    • Device fleet
    • User accesses
Propulsé par GitBook
Sur cette page
  • Columns
  • Filters

Cet article vous a-t-il été utile ?

  1. Devices
  2. Dashboard of a device

Flow

PrécédentEndpointsSuivantCleaner

Dernière mise à jour il y a 2 ans

Cet article vous a-t-il été utile ?

The flow table shows each flow returned by the device over a given period.

The columns can be sorted in ascending / descending order by clicking on the column name.

It is possible to apply filters on the results of the table.

The number of lines is limited to 20 per page by default. The pagination is accessible at the bottom right of the table. It shows the current page and the total number of rows found in the database.

The page of a table is shareable via the URL of the web page. The URL contains the selected period, the applied filters, the table sorting and the pagination.

Columns

Endpoint

The Endpoint column shows the local IP address of the flow with the custom netbios name associated with the IP address, or the netbios name reported by the log if no custom name has been defined.

Clicking on the endpoint takes you to the endpoint dashboard.

A click on the netbios name allows you to quickly define a custom netbios name.

Remote IP

The remote IP column displays the public IP address associated with the flow. The indicator underneath shows whether the flow has been considered toxic, and if so, whether it has been filtered or not.

Clicking on the remote IP address will take you to the public IP page.

Timestamp

The timestamp displayed is the timestamp of the first flow detected by the device.

The indicator below represents the amplitude of the communication between the endpoint and the remote IP address, i.e. the difference between the time of the first flow and the last flow.

Other columns

The other columns show:

  • The volume of the flow (incoming and outgoing)

  • The direction of the flow (the color code used for the legend of the cyber map)

  • The protocol used

  • The port used

Filters

The results of the table can be filtered according to several criteria:

  • The endpoint (local IP only, no netbios name)

  • The remote IP address

  • The protocol

  • The port

  • The start time

  • The end time

  • The direction of the flows

  • Toxic flows only

Over a period of several days, the start and end time is done on each day.

For example, from Jan 04 to Jan 05 from 10:00 to 12:00, the flows displayed will be those of Jan 04 between 10:00 and 12:00 and of Jan 05 between 10:00 and 12:00.

Pagination of the flow table
Flow table of a device
Filtered toxic flow
Flow table filters