View connection information that is grouped by various options.
By default, the Connections window displays the following graphs:
Records Matched Over Time graph provides time-series information that shows the number of connections based on time.
Connection Graph that provides a visual representation of the connections retrieved.
If a saved search is the default, the results for that saved search are displayed.
- Click the Risks tab.
- On the navigation menu, click Connections.
- Select a time frame by selecting the Start Time and End Time parameters, or use the View list.
In the table, right-click any cell (except cells from the Last Packet Time column) for a menu, to apply more filtering or to View Connection Events.
The Connections window displays the following information:
Table 1: Connections Window - Default
This parameter displays only after you apply a filter.
Details of the filter that is applied to the search result are displayed on top. To clear these filter values, click Clear Filter.
From the list, select the time range that you want to filter. Use the Expand option to adjust the time range.
Current statistics include the following parameters:
Total Results— The total number of results that matched your search criteria.
Data Files Searched —The total number of data files searched during the specified time span.
Compressed Data Files Searched— The total number of compressed data files searched within the specified time span.
Index File Count— The total number of index files searched during the specified time span.
Duration— The duration of search.
Current Statistics are helpful for troubleshooting. When you contact Juniper Customer Support to troubleshoot an issue, you might be asked to provide current statistical information. Click the arrow next to Current Statistics to display or hide the statistics
Displays charts that represent the records that are matched by the time interval and/or grouping option. Click (Hide Charts) if you want to remove the graph from your display.
Note: Remove Firefox Adblock Plus if it prevents charts from displaying in Firefox.
Last Packet Time
The date and time of the last processed packet for this connection.
The Source Type for this connection, which can be: Host or Remote.
The following are options for the Source:
IP address— The IP address for the source of this connection. If the Source Type is Host, the IP address is displayed.
Country— The source country (with the country flag) for this connection. The country flag is only displayed if the Source Type is remote.
The options for Destination Type are: Host or Remote.
The options for Destination are:
IP address - If the Destination Type is host, the IP address is displayed.
Country - The destination country (with the country flag) for this connection. The country flag is only displayed if the Destination Type is remote.
The protocol that is used for this connection.
The destination port for this connection.
The flow application that generated the connection.
The source of flows that are associated with this connection. This parameter applies only to accepted connections.
The total number of flows that are associated with this connection.
Flow Source Bytes
The total number of flow source bytes associated with this connection.
Flow Destination Bytes
The total number of destination bytes associated with this connection.
The source of events that contribute to this connection.
The total number of events that are detected for the connection.
The options for connection type are:
Allow or Deny.