Top X/Y Reports allow for a unique cross-sectional reporting analysis.
Top X/Y is very flexible and open to your imagination allowing unprecedented visibility of your network traffic. It can be used to provide simple 'birds-eye' view analytics such as "Show the Top 5 applications and Conversations for each ASN Peer" or more granular identification such as "Show the Top 100 Threat (IPs, Categories, Type) and for each Affected IP".
A simple example of a cross-sectional analysis is an analysis of the Top 10 Applications (X) for each hour (Y) over a Day. In this example (see figure1) below each Application is assigned a distinct color so that it can easily be identified within each hour
figure1- The X/Y analytics that are available as Multiview Reports can be identified by the "/" in the Report title.
- The graphic display of a Top X/Y is always a Stacked Bar Chart.
- The colors of the elements of the Stacked bar chart are the "X" items in the report.
- The "X" and "Y" cross-section can be made up of more than 1 field but there are always only two logical "X" and "Y" cross-sections
- The "X" elements are the granular details of each "Y" items in a report.
e.g.
Y Column | X Column | Value |
Y1 | X1 | 9 |
| X2 | 9 |
| X3 | 9 |
Y2 | X1 | 9 |
The default X/Y reports or your own unique cross-sectional analytics can be accessed via the left menus or the right click menu. Where the right-click menu is used the meter measurement will follow the current meter sort order.
The Filter allows the creation of a Top X/Y for any two or more fields.
The Forensic screens Filter tab (below the graph) also provides access to the Top N control element enabling on the fly changes to Top N detail.
Where more than 1 field is available the Top N control element provides the ability to change the cross-section.
The Count algorithm is supported in Top X/Y where the X fields has 1 uncounted field.
A number of default X/Y analytic templates are available in the Multiview and in the Forensic left menus. Some examples are shown below:
MultiviewFlow Direction
Top X per Y
- Interface Routes
- Routes and ToS
- Account
- Flow Detail
Boundary Flow
Top X per Y
- Application
- Lower Port
- Unknown Service
- ToS Precedence
- PHB Class
IPv4 Address
Top X per Y
- Dst. / Src.
- Src. / Dst.
- IPv4 / Hour
- IPv4 / Minute
Application
Top X per Y
- IPv4/ICMP Type
- IPv4/ICMP Code
- IPv4 / App.
- Talkers / App.
- App. / Hour
- App. / Minute
QoS
Top X per Y
- Application / ToS
- Application / DSCP
- Application / PHB
- Lower Port / ToS
- Interface / ToS
- PHB Class / Day
- PHB Class / Hour
ForensicsIPv4 Address
Top X per Y
- Dst. / Src.
- Src. / Dst.
- Talkers / Hour
- Talkers / Minute
Security Forensics
Packet Size
Top X per Y
- Pkt. Size/App.
- App./Pkt. Size