Gaining Visibility into Your Traffic Flows

For all network traffic moving across your Aviatrix-managed network, Aviatrix gateways capture metadata for all traffic traversing their links. CoPilot uses the information to show you detailed information about your traffic. You can use filters to show flows over custom timeframes. You can use filters to show only traffic that match your specific traffic criteria. You can use over 80 traffic metadata fields to filter traffic.

Show Traffic Flows by Using Filters

You can filter your network traffic to show only the traffic you want by using filters.

To create a traffic flow filter, see:

Creating a Traffic Flow Filter

Traffic Flow Field Reference

You can use over 80 traffic metadata fields when creating custom filters for showing specific traffic flows.

You can filter your traffic in FlowIQ using the following flow fields.

FlowIQ Field	Description
Bytes	Filters traffic by bytes.
Destination Address	Filters traffic by destination address.
Destination Autonomous System	Filters traffic by properties of the destination autonomous system.
Destination CSP Tag	Filters traffic by the destination CSP tag.
Destination Gateway	Filters traffic by destination gateway.
Destination Locality	Filters traffic by destination locality.
Destination Port	Filters traffic by destination port.
Destination Port Name	Filters traffic by port name.
Direction	Filters traffic by direction.
Duration	Filters traffic by how long the flow was active.
Egress Interface Name	Filters traffic by egress interface name.
Egress Physical Interface	Filters traffic by egress physical interface.
Engine ID	Filters traffic by engine ID.
Engine Type	Filters traffic by engine type.
First Switched	Filters traffic by first switched.
Flow Locality	Filters traffic by flow locality.
Flow Records	Filters traffic by flow records.
Flow Sequence Number	Filters traffic by flow sequence number.
Flowset ID	Filters traffic by flowset ID.
Gateway Host Name	Filters traffic by gateway host name.
Geo Autonomous System	Filters traffic by geo autonomous system.
Geo Autonomous System Number	Filters traffic by geo autonomous system number.
Geo Autonomous System Organization	Filters traffic by geo autonomous system organization.
Geo City Name	Filters traffic by geo city name.
Geo Continent Code	Filters traffic by geo continent code.
Geo Country Code 2	Filters traffic by geo country code 2.
Geo Country Code 3	Filters traffic by geo country code 3.
Geo Country Name	Filters traffic by geo country name.
Geo DMA Code	Filters traffic by geo DMA code.
Geo Destination Autonomous System	Filters traffic by geo destination autonomous system.
Geo Destination Autonomous System Organization	Filters traffic by geo destination autonomous system organization.
Geo Destination Autonomous System Organization Number	Filters traffic by geo destination autonomous system organization number.
Geo Destination City Name	Filters traffic by geo destination city name.
Geo Destination Continent Code	Filters traffic by geo destination continent code.
Geo Destination Country Code 2	Filters traffic by geo destination country code 2.
Geo Destination Country Code 3	Filters traffic by geo destination country code 3.
Geo Destination Country Name	Filters traffic by geo destination country name.
Geo Destination DMA Code	Filters traffic by geo destination DMA code.
Geo Destination IP	Filters traffic by geo destination IP
Geo Destination Latitude	Filters traffic by geo destination latitude.
Geo Destination Location	Filters traffic by geo destination location.
Geo Destination Longitude	Filters traffic by geo destination longitude.
Geo Destination Postal Code	Filters traffic by geo destination postal code.
Geo Destination Region Name	Filters traffic by geo destination region name.
Geo Destination TimeZone	Filters traffic by geo destination time zone.
Geo Destination Region Code	Filters traffic by geo destination region code.
Geo IP	Filters traffic by geo IP.
Geo Latitude	Filters traffic by geo latitude.
Geo Location	Filters traffic by geo location.
Geo Longitude	Filters traffic by geo longitude.
Geo Postal Code	Filters traffic by geo postal code.
Geo Region Code	Filters traffic by geo region code.
Geo Region Name	Filters traffic by geo region name.
Geo Source Autonomous Organization System Number	Filters traffic by geo source autonomous organization system number.
Geo Source Autonomous System	Filters traffic by geo source autonomous system.
Geo Source Autonomous System Organization	Filters traffic by geo source autonomous system organization.
Geo Source City Name	Filters traffic by geo source city name.
Geo Source Continent Code	Filters traffic by geo source continent code.
Geo Source Country Code 2	Filters traffic by geo source country code 2
Geo Source Country Code 3	Filters traffic by geo source country code 3.
Geo Source Country Name	Filters traffic by geo source country name
Geo Source DMA Code	Filters traffic by geo source DMA code.
Geo Source IP	Filters traffic by geo source IP
Geo Source Latitude	Filters traffic by geo source latitude.
Geo Source Location	Filters traffic by geo source location.
Geo Source Longitude	Filters traffic by geo source longitude.
Geo Source Postal Code	Filters traffic by geo source postal code.
Geo Source Region Code	Filters traffic by geo source region code.
Geo Source Region Name	Filters traffic by geo source region name.
Geo Source Time Zone	Filters traffic by geo source time zone.
Geo Timezone	Filters traffic by geo time zone.
Host	Filters traffic by host.
ICMP Type	Filters traffic by ICMP type.
IP Protocol Version	Filters traffic by protocol version.
IP Version	Filters traffic by IP version.
Ingress Interface Name	Filters traffic by ingress interface name.
Ingress Physical Interface	Filters traffic by ingress physical interface.
Input SNMP	Filters traffic by input SNMP.
Interface Name	Filters traffic by interface name.
JA3	Filters traffic by JA3.
JA3S	Filters traffic by JA3S type.
L7 Application Latency	Filters traffic by L7 application latency.
L7 Category	Filters traffic by L7 category.
L7 FQDN	Filters traffic by L7 FQDN.
L7 Protocol	Filters traffic by L7 protocol.
L7 Protocol Name	Filters traffic by L7 protocol name.
L7 Protocol Risk	Filters traffic by L7 protocol risk.
L7 Risk Score	Filters traffic by L7 risk score.
Last Switched	Filters traffic by last switched.
Mask Length	Filters traffic by mask length.
Next Hop	Filters traffic by next hop.
Output SNMP	Filters traffic by output SNMP.
Packets	Filters traffic by packets.
Protocol	Filters traffic by protocol.
Protocol Name	Filters traffic by protocol name.
Sampling Algorithm	Filters traffic by sampling algorithm.
Sampling Interval	Filters traffic by sampling interval.
Source Address	Filters traffic by source address.
Source Autonomous System	Filters traffic by source autonomous system
Source CSP Tag	Filters traffic by source CSP tag.
Source Gateway	Filters traffic by source gateway.
Source Locality	Filters traffic by source locality.
Source Mask Length	Filters traffic by source mask length.
Source Port	Filters traffic by source port.
Source Port Name	Filters traffic by source port name.
TCP Flag Tags	Filters traffic by TCP flag tags.
TCP Flags	Filters traffic by TCP flags.
TCP Flags Label	Filters traffic by TCP flags label.
TOS	Filters traffic by the TOS.
Throughput	Filters traffic by the throughput.
Timestamp	Filters traffic by timestamp
Version	Filters traffic by timestamp.

FlowIQ Field

Description

Bytes

Filters traffic by bytes.

Destination Address

Filters traffic by destination address.

Destination Autonomous System

Filters traffic by properties of the destination autonomous system.

Destination CSP Tag

Filters traffic by the destination CSP tag.

Destination Gateway

Filters traffic by destination gateway.

Destination Locality

Filters traffic by destination locality.

Destination Port

Filters traffic by destination port.

Destination Port Name

Filters traffic by port name.

Direction

Filters traffic by direction.

Duration

Filters traffic by how long the flow was active.

Egress Interface Name

Filters traffic by egress interface name.

Egress Physical Interface

Filters traffic by egress physical interface.

Engine ID

Filters traffic by engine ID.

Engine Type

Filters traffic by engine type.

First Switched

Filters traffic by first switched.

Flow Locality

Filters traffic by flow locality.

Flow Records

Filters traffic by flow records.

Flow Sequence Number

Filters traffic by flow sequence number.

Flowset ID

Filters traffic by flowset ID.

Gateway Host Name

Filters traffic by gateway host name.

Geo Autonomous System

Filters traffic by geo autonomous system.

Geo Autonomous System Number

Filters traffic by geo autonomous system number.

Geo Autonomous System Organization

Filters traffic by geo autonomous system organization.

Geo City Name

Filters traffic by geo city name.

Geo Continent Code

Filters traffic by geo continent code.

Geo Country Code 2

Filters traffic by geo country code 2.

Geo Country Code 3

Filters traffic by geo country code 3.

Geo Country Name

Filters traffic by geo country name.

Geo DMA Code

Filters traffic by geo DMA code.

Geo Destination Autonomous System

Filters traffic by geo destination autonomous system.

Geo Destination Autonomous System Organization

Filters traffic by geo destination autonomous system organization.

Geo Destination Autonomous System Organization Number

Filters traffic by geo destination autonomous system organization number.

Geo Destination City Name

Filters traffic by geo destination city name.

Geo Destination Continent Code

Filters traffic by geo destination continent code.

Geo Destination Country Code 2

Filters traffic by geo destination country code 2.

Geo Destination Country Code 3

Filters traffic by geo destination country code 3.

Geo Destination Country Name

Filters traffic by geo destination country name.

Geo Destination DMA Code

Filters traffic by geo destination DMA code.

Geo Destination IP

Filters traffic by geo destination IP

Geo Destination Latitude

Filters traffic by geo destination latitude.

Geo Destination Location

Filters traffic by geo destination location.

Geo Destination Longitude

Filters traffic by geo destination longitude.

Geo Destination Postal Code

Filters traffic by geo destination postal code.

Geo Destination Region Name

Filters traffic by geo destination region name.

Geo Destination TimeZone

Filters traffic by geo destination time zone.

Geo Destination Region Code

Filters traffic by geo destination region code.

Geo IP

Filters traffic by geo IP.

Geo Latitude

Filters traffic by geo latitude.

Geo Location

Filters traffic by geo location.

Geo Longitude

Filters traffic by geo longitude.

Geo Postal Code

Filters traffic by geo postal code.

Geo Region Code

Filters traffic by geo region code.

Geo Region Name

Filters traffic by geo region name.

Geo Source Autonomous Organization System Number

Filters traffic by geo source autonomous organization system number.

Geo Source Autonomous System

Filters traffic by geo source autonomous system.

Geo Source Autonomous System Organization

Filters traffic by geo source autonomous system organization.

Geo Source City Name

Filters traffic by geo source city name.

Geo Source Continent Code

Filters traffic by geo source continent code.

Geo Source Country Code 2

Filters traffic by geo source country code 2

Geo Source Country Code 3

Filters traffic by geo source country code 3.

Geo Source Country Name

Filters traffic by geo source country name

Geo Source DMA Code

Filters traffic by geo source DMA code.

Geo Source IP

Filters traffic by geo source IP

Geo Source Latitude

Filters traffic by geo source latitude.

Geo Source Location

Filters traffic by geo source location.

Geo Source Longitude

Filters traffic by geo source longitude.

Geo Source Postal Code

Filters traffic by geo source postal code.

Geo Source Region Code

Filters traffic by geo source region code.

Geo Source Region Name

Filters traffic by geo source region name.

Geo Source Time Zone

Filters traffic by geo source time zone.

Geo Timezone

Filters traffic by geo time zone.

Host

Filters traffic by host.

ICMP Type

Filters traffic by ICMP type.

IP Protocol Version

Filters traffic by protocol version.

IP Version

Filters traffic by IP version.

Ingress Interface Name

Filters traffic by ingress interface name.

Ingress Physical Interface

Filters traffic by ingress physical interface.

Input SNMP

Filters traffic by input SNMP.

Interface Name

Filters traffic by interface name.

JA3

Filters traffic by JA3.

JA3S

Filters traffic by JA3S type.

L7 Application Latency

Filters traffic by L7 application latency.

L7 Category

Filters traffic by L7 category.

L7 FQDN

Filters traffic by L7 FQDN.

L7 Protocol

Filters traffic by L7 protocol.

L7 Protocol Name

Filters traffic by L7 protocol name.

L7 Protocol Risk

Filters traffic by L7 protocol risk.

L7 Risk Score

Filters traffic by L7 risk score.

Last Switched

Filters traffic by last switched.

Mask Length

Filters traffic by mask length.

Next Hop

Filters traffic by next hop.

Output SNMP

Filters traffic by output SNMP.

Packets

Filters traffic by packets.

Protocol

Filters traffic by protocol.

Protocol Name

Filters traffic by protocol name.

Sampling Algorithm

Filters traffic by sampling algorithm.

Sampling Interval

Filters traffic by sampling interval.

Source Address

Filters traffic by source address.

Source Autonomous System

Filters traffic by source autonomous system

Source CSP Tag

Filters traffic by source CSP tag.

Source Gateway

Filters traffic by source gateway.

Source Locality

Filters traffic by source locality.

Source Mask Length

Filters traffic by source mask length.

Source Port

Filters traffic by source port.

Source Port Name

Filters traffic by source port name.

TCP Flag Tags

Filters traffic by TCP flag tags.

TCP Flags

Filters traffic by TCP flags.

TCP Flags Label

Filters traffic by TCP flags label.

TOS

Filters traffic by the TOS.

Throughput

Filters traffic by the throughput.

Timestamp

Filters traffic by timestamp

Version

Filters traffic by timestamp.

World View of Where Traffic is Going To and Coming From

Use the CoPilot > Monitor > FlowIQ > GeoLocation page to see, geographically, where the majority of your traffic is going to and coming from. The world view topology map lets you see where traffic is coming from the most.

If you are not expecting traffic to come into your network from a given country, this may merit further inspection. You can drill into the heat map to analyze the traffic closely by country.

Top Talkers in Your Network and Where They are Communicating

Use the FlowIQ > Flows tab to see the top talkers in your network. The bigger bands in the sankey flow chart represent the top talkers.

You may decide to move top talkers that communicate with each other to be in closer regions to save on cost.

Overview of Your Traffic Statistics

Use the FlowIQ Overview page to get information based on various metrics for all traffic observed in your network over a specified timeframe.

Trends in Your Traffic Over Time

Use the Trends page to see trends in your traffic over time. You can view spikes that may be happening and drill down to investigate these trends.

Link Latencies that may Impact Traffic

Your traffic may be impacted by increased latencies for links in your network. In the CoPilot Topology page, you can use the map to see link status for links between gateways located in different VPC/VNets. A green link indicates connectivity is established.