Alarms/Reports baded on country code

Scrutinizer is an enterprise/business class NetFlow and sFlow analysis tool. Scrutinizer provides historical trends of the company's critical network interfaces as well as the details on:

Who: The end system causing the traffic
What: The application/protocol that is being used
When: The time frame it has been occurring for
Where: The network connection that is affected

Moderators: scottr, Moderator Team

Forum rules
Post a reply

Alarms/Reports baded on country code

Postby Stunod7 » Mon Jan 16, 2012 11:13 am

My company is looking to become a little more conscientious about what countries our data is going out to. I’m messing around with reports a bit and found the Top Source/Destination Countries quick report but is there a way to construct a more detailed report that would show me what is happening or possibly set to alarm if a certain amount of data is transmitted to certain countries?

If anyone has any insight it’d be greatly appreciated!
Stunod7
 
Posts: 1
Joined: Mon Jan 16, 2012 10:51 am
Top

Re: Alarms/Reports baded on country code

Postby scottr » Mon Jan 16, 2012 11:18 am

Hello,

You can open any report (let's say a Conversation WKP) and filter that report on a particular country. You can then save that report, and add an Inbound threshold to it. The Inbound threshold allows you to trigger alert based on traffic volume either on total traffic for a 5 minute period, or by row/conversation.

Scott
User avatar
scottr
 
Posts: 64
Joined: Mon Oct 05, 2009 12:22 pm
Top
Post a reply

Return to Scrutinizer

Who is online

Users browsing this forum: No registered users and 0 guests

cron

Who is online

In total there are 0 users online :: 0 registered, 0 hidden and 0 guests (based on users active over the past 5 minutes)
Most users ever online was 60 on Thu Jun 25, 2009 9:07 am

Users browsing this forum: No registered users and 0 guests
Administration Control Panel