Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Requesting NTA Top Conversations Statistics

 

Use the Cloud Analytics Engine DLE API as follows to retrieve Network Traffic Analysis (NTA) top-performing conversation statistics from network devices known to DLE.

GET /api/v1/nta/top-conversations

Use this DLE API request to get NTA top conversation flow statistics collected by DLE. Response data is in JSON format.

Request Format:

  • GET method

Request Parameters:

  • Table 1 describes the request parameters.

    Table 1: NTA Top Conversations Request Parameters

    Request Parameter

    Description

    device

    (String) Device IP address.

    if-index

    (String) Interface SNMP index.

    start

    (Numeric) Start time in ms (epoch time). Query DLE for data starting at this timestamp.

    end

    (Numeric) Optional end time in ms (epoch time). Query DLE for data up until this timestamp

    count

    (Numeric) Requested limit on number of top conversation statistics results returned (out of total available).

Response Data:

  • Table 2 describes the response data.

    Table 2: NTA Top Conversations Response Data Object

    Element Name

    Description

    total-conversations

    (Numeric) Total number of conversations for which statistics were collected.

    avg-byte-count

    (Numeric) Average byte count for all conversations for which statistics were collected.

    limit

    (Numeric) Number of conversations for which statistics results are provided in the response (might be limited based on the requested conversation count compared to total-conversations).

    top-conversations

    List of top conversation statistics data objects (see NTA Top Stats Response Transfer Object) by conversation identifier pair (source IP address, destination IP address), based on the request parameters and total conversations for which statistics were collected.

See NTA Top Conversations Data Learning Engine API Example for a sample request and response.

NTA Top Stats Response Transfer Object

The DLE API returns the NTA top statistics transfer object in response to a request for NTA top application or conversation statistics. (See GET /api/v1/nta/top-applications and GET /api/v1/nta/top-conversations.) The response data is a list of top statistics results, in JSON format, with each result identified by the following elements:

  • For top applications statistics, an application identifier element pair:

    • port: (Numeric) Application port number.

    • protocol: (String) Application transport protocol - “TCP” | “UDP”.

  • Or for top conversation statistics, a conversation identifier element pair:

    • src-ip: (String) Conversation source IP address.

    • dst-ip: (String) Conversation destination IP address.

  • And the remaining elements in Table 3.

    Table 3: NTA Top Stats Response Object Common Elements

    Element Name

    Description

    ingress-bytes

    (Numeric) Total number of ingress bytes generated by the application or on the conversation on the specified interface.

    egress-bytes

    (Numeric) Total number of egress bytes generated by the application or conversation on the specified interface.

    total-bytes

    (Numeric) Total number of bytes (ingress + egress) generated by the application or conversation on the specified interface.

    bytes-percent

    (Numeric, Decimal) Percent of bytes transferred by the specified application or on the specified conversation out of all traffic flow on the specified interface.

    rank

    (Numeric) Rank of this top application or conversation results among all the top applications or conversations in this response.

NTA Top Conversations Data Learning Engine API Example

The following is a DLE API example for retrieving NTA top conversations statistics from DLE. See GET /api/v1/nta/top-conversations and NTA Top Stats Response Transfer Object. In this example, although the request asks for 5 top conversation results, DLE collected fewer than that number in the requested time period, so the DLE response includes only the 2 results that are available.

Request:

http://192.168.55.122:8282/api/v1/nta/top-conversations?

device=192.168.55.93&if-index=521&start=1441057546726&count=5

Response: