Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Viewing Connections

 

View connection information that is grouped by various options.

By default, the Connections window displays the following graphs:

  • Records Matched Over Time graph provides time-series information that shows the number of connections based on time.

  • Connection Graph that provides a visual representation of the connections retrieved.

Note

If a saved search is the default, the results for that saved search are displayed.

  1. Click the Risks tab.
  2. On the navigation menu, click Connections.
  3. Select a time frame by selecting the Start Time and End Time parameters, or use the View list.

    In the table, right-click any cell (except cells from the Last Packet Time column) for a menu, to apply more filtering or to View Connection Events.

The Connections window displays the following information:

Table 1: Connections Window - Default

Parameter

Description

Current Filters

This parameter displays only after you apply a filter.

Details of the filter that is applied to the search result are displayed on top. To clear these filter values, click Clear Filter.

View

From the list, select the time range that you want to filter. Use the Expand option to adjust the time range.

Current Statistics

Current statistics include the following parameters:

Total Results— The total number of results that matched your search criteria.

Data Files Searched —The total number of data files searched during the specified time span.

Compressed Data Files Searched— The total number of compressed data files searched within the specified time span.

Index File Count— The total number of index files searched during the specified time span.

Duration— The duration of search.

Current Statistics are helpful for troubleshooting. When you contact Juniper Customer Support to troubleshoot an issue, you might be asked to provide current statistical information. Click the arrow next to Current Statistics to display or hide the statistics

.

Charts

Displays charts that represent the records that are matched by the time interval and/or grouping option. Click (Hide Charts) if you want to remove the graph from your display.

Note: Remove Firefox Adblock Plus if it prevents charts from displaying in Firefox.

Last Packet Time

The date and time of the last processed packet for this connection.

Source Type

The Source Type for this connection, which can be: Host or Remote.

Source

The following are options for the Source:

IP address— The IP address for the source of this connection. If the Source Type is Host, the IP address is displayed.

Country— The source country (with the country flag) for this connection. The country flag is only displayed if the Source Type is remote.

Destination Type

The options for Destination Type are: Host or Remote.

Destination

The options for Destination are:

IP address - If the Destination Type is host, the IP address is displayed.

Country - The destination country (with the country flag) for this connection. The country flag is only displayed if the Destination Type is remote.

Protocol

The protocol that is used for this connection.

Destination Port

The destination port for this connection.

Flow Application

The flow application that generated the connection.

Flow Source

The source of flows that are associated with this connection. This parameter applies only to accepted connections.

Flow Count

The total number of flows that are associated with this connection.

Flow Source Bytes

The total number of flow source bytes associated with this connection.

Flow Destination Bytes

The total number of destination bytes associated with this connection.

Log Source

The source of events that contribute to this connection.

Event Count

The total number of events that are detected for the connection.

Connection Type

The options for connection type are:

Allow or Deny.