Tariscope 4.6. User's guide
Chapter 2. Tariscope application
2.2. Working with views for calls
2.2.7 View for IP traffic
Tariscope provides a collection of information about IP traffic from network devices which support NetFlow, IPFIX, or rFlow. To analyze this information, a view for IP traffic is used. A view for IP traffic is created the same way as a view for calls. From the Views menu, select Views list. The Views page appears, where you need to click on the Add icon on the toolbar. In the appeared menu select the Create a view for IP traffic item. The New view for IP Traffic page appears as it is shown in Figure 2.2.7.1.
Figure 2.2.7.1
In the View name box, enter a view name that displays the purpose of the view.
The Row limit (zero for no limit) box contains by default the value of 1000. This means that the view will display only 1000 records. You can change the value. To display all records, change the value to 0. We recommend limiting the number of records.
The Equipment position allows you to select a single telephone system or group of telephone systems for which information will display. Click on the button located right on the position. The Equipment window appears. Select the desired PBXs. If you have only a single PBX, do not do anything here.
The Period list allows you to select a period to display information. The list includes the next options:
- Today.
- Yesterday.
- This week.
- Last week..
- This month.
- Last month..
- This year.
- Last year..
- Selected month.
- Selected year.
- Custom period.
If you have selected the Selected month option, two lists appear: Year and Month. Select in these lists the required year and month.
If you have selected the Selected year option, the Year list appears. Select the required year.
If you have selected the Custom period option, the From and To calendar boxes appear. Specify the required period in these boxes.
In the Source box, enter an IP address of IP device from which is an originator of IP traffic.
In the Port box, type IP port of the device.
In the Destination box, enter an IP address of IP device which is a destination of IP traffic.
In the Port box, type IP port of the device.
To select network protocols which you want to analyze, click on the Protocol box. A list of protocols appears. Select the desired protocol. Repeat these actions for other protocols.
In the case when you need to unite the set filter parameters with previously saved filter, the Combine with filter lists are used. In the right list, where the word of OR is displayed, select the logical function, which will unite the set filter parameters with the saved filter. In the left list, select the name of desired saved filter.
If you wish to look at a part of SQL query that is after the word WHERE of the query for the set filter parameters, click on the Show query button. The SQL Editor window appears. An example of the window is shown in Figure 2.2.1.4. You can change the query and save it. Only users with rights of Tariscope administrators have ability to change the query.
Also, you can choose the desired fields which will be displayed in the view. To do this, click on the Configuring the view fields button. The Select columns to display window appears which contains a list of the fields (Table 2.2.7.1).
Table 2.2.7.1.
| Field | Description |
| Date/time | Displays a date and time of the beginning of IP session. |
| Destination | Displays an IP address of IP traffic destination. |
| Destination port | Displays an IP port of the IP traffic destination. |
| Equipment | Displays an IP device name from which IP traffic was collected. |
| ID | Displays an identifier of the record. |
| Protocol | Displays an IP protocol that was used for this IP session. |
| Session duration | Displays a session duration. |
| Size (bytes) | Displays the amount of data transferred. |
| Source IP | Displays an IP port of the IP traffic source. |
| Source port | Displays an IP port of the IP traffic source. |
Select the desired fields and click OK.
Click Save on the New view for IP Traffic page. The IP traffic view appears. It contains a toolbar and table with results of query. The page has the same toolbar as a view for calls. See it description in the Section 2.2.4.
