Chapter 6. How To Exercises
Prev   Next

How To Exercises

Table of Contents

6.1. Bandwidth Measurement How To's
6.1.1. How To Measure Bandwidth for Subnets
6.1.2. How To Measure Bandwidth for Applications
6.1.3. How To Measure Bandwidth for Departments
6.1.4. How To Look for Top Talkers
6.1.5. How To Measure Utilization for Routers
6.2. Problem identification How To's
6.2.1. How To Look for Problems

The "How To's" provide a handful of basic scenarios of using the features of nLive. There are an infinite number of scenarios possible, but these cases might get you started and familiar with the usage of the application. You may explore the various menus, tabs etc on your own, after going through some of these basic "How To's". If your product edition does not have some of the capabilities that may be required to carry out the steps described below such as problem detection or topology module, you may still perform similar tasks using available features and achieve some degree of success in what you are looking for.

[Tip]Tip

Although the How To's are written to be stand alone procedures, please read through all of them and try to follow them on the user interface as you read the steps. This is because several useful features are described in different How To's, since all useful features cannot be described in a single procedure due to space constraints. By following the various procedures described, you can progress along the learning curve fairly quickly and start using the full power of the product sooner.

6.1. Bandwidth Measurement How To's

6.1.1.  How To Measure Bandwidth for Subnets

Procedure 6.1.  Using standard reports

  1. Choose 'Reports' tab. Open 'All traffic' or 'Abnormal traffic' based on what you are interested in for bandwidth measurement.
  2. Open 'Connections' and choose a direction. Then choose 'Volume' to indicate bandwidth.
  3. Choose a report that is titled 'Class C subnets...' or 'Class B subnets...' as you like. Scroll down and observe the report produced.
  4. If you like to see further details on each bar on the charts, click on the one of interest and choose one of the several menu items in the context menu that pops up.
  5. While drilling down, if you want a different kind of report, table or graph, open the 'Search preferences' dialog as described in Section 4.8.12, “Search Preferences”. Choose a different report and use the drill-down context menus again.
  6. If you want a report for a different time-frame or region, then choose these at the top bar and click 'Recompute'
  7. If you like a PDF of any report you created, click the PDF button at the top of the report.

Procedure 6.2. Using dashboards

  1. Choose whether you want to determine of all traffic or abnormal traffic. Choose a dashboard tab accordingly.
  2. Open up the dashboard category 'Connections' which show the categories of traffic directions. Choose whether you want to determine bandwidth of inbound, outbound, internal, or all traffic. Choose a dashboard according to the above criterion.
  3. Choose the 'Volume' category of dashboards, which indicate bandwidth.
  4. Choose the 'Locations' dashboard. On the table, click on the tab 'Cls-C' or 'Cls-B' for the subnet class. You can now see the client and server subnets. These are the subnets where the traffic's clients and servers reside.
  5. See bandwidth information given as 'Data transferred', 'Server to Client' or 'Client to Server' columns. Sort the table as needed by clicking on the column titles.

Procedure 6.3. Using graphs

  1. This part will only show subnets when the traffic is 'Internal' because external subnets might overwhelm the graph. Choose 'Graphs' tab.
  2. Choose whether you want to determine of all traffic or abnormal traffic. Choose a category of graphs accordingly.
  3. Open up the graph category 'Connections' which show the categories of traffic directions.
  4. Choose 'Internal'. Choose the 'Volume' category of graphs, which indicates bandwidth.
  5. Choose the 'Class C Subnets' or 'Class B Subnets' graph.
  6. The graph should render in a short while.
  7. If the edge-lines are thick, that means the bandwidth usage is high. Put the mouse over the edges to see details on the tooltips.
  8. The edges and nodes can be clicked for further drill down to get details on which hosts or applications are consuming more bandwidth, etc.

Procedure 6.4. Using Search: Method 1

  1. Choose the 'Search' tab. Refer to Section 4.6, “Searching into Data Streams” for help on how to use the search form to search into data streams.
  2. Select a data stream that you want to measure the bandwidth by subnets.
  3. Click on the 'Search preferences' button above the search form to open the dialog as described in Section 4.8.12, “Search Preferences”. Choose a detailed traffic table.
  4. Leave the three search criteria blank or input any criteria you like.
  5. Choose a time frame and click on the 'Table' button. Wait for table to render.
  6. Choose the 'Cls-C' or 'Cls-B' tab of the table to see bandwidth usage given in the table columns.
  7. Alternately, if you choose 'Class C' or 'Class B' in the search preferences for graphs, then click on the graph button to obtain search results in the form of a graph, you can still see the bandwidth usage between subnets.
  8. If you have too many tabs open at the bottom, please click on 'Close tabs' button above the search form to close them.
  9. If you would like to see search results better, you can collapse the search form using the button at the right end of the search toolbar.
  10. If you like a PDF of any report you created, click the PDF button at the top of the report.

Procedure 6.5. Using Search: Method 2, Specific subnets

  1. Choose the 'Search' tab. Refer to Section 4.6, “Searching into Data Streams” for help on how to use the search form to search into data streams.
  2. Select a data stream that you want to measure the bandwidth by subnets.
  3. In the first search criterion, select a server or client subnet (Class A,B, or C) as you like. Choose 'Equal', 'Like' or other meaningful operator. If you choose 'Like' operator, you can input values like '192.168.%' or '10.10.%', which try to match the first part of the subnet name and allow any value for the last part. Refer to Section 4.6, “Searching into Data Streams” for help on the search operators.
    [Caution]Caution

    If you chose the 'Equal' operator, then the subnet should be input exactly as '192.168.20.0/24' or '10.10.0.0/16'. No other notation will work. The quantity after the slash should be 24, 16, or 8, for class C, B, and A, respectively.

  4. Add a second or third criterion as you like.
  5. Choose a time frame and click on the 'Report', 'Graph', or 'Table' button. Wait for your search to return. The results show the traffic for the specific subnet(s) you chose.
  6. If you like to see further details on each bar on the charts, or edge on the graph, click on the one of interest and choose one of the several menu items in the context menu that pops up.
  7. If you have too many tabs open at the bottom, please click on 'Close tabs' button above the search form to close them.
  8. If you would like to see search results better, you can collapse the search form using the button at the right end of the search toolbar.
  9. If you like a PDF of any report you created, click the PDF button at the top of the report.

6.1.2.  How To Measure Bandwidth for Applications

Procedure 6.6. Using standard reports

  1. Choose the 'Reports' tab. Open 'All traffic' or 'Abnormal traffic' based on what you are interested in for bandwidth measurement.
  2. Open 'Connections' and choose a direction. Then choose 'Volume' to indicate bandwidth.
  3. Choose a report that is titled 'Ports and Protocols for ...' . Scroll down and observe all the charts on the report produced. The first chart is that of applications. The rest show ports and activities. Alternately, you can choose other reports such as 'Clients and Servers...', etc., which also have applications chart in them.
  4. If you like to see further details on each bar on the charts, click on one of interest and choose one of the several menu items in the context menu that pops up.
  5. While drilling down, if you want a different kind of report, table or graph, open the 'Search preferences' dialog as described in Section 4.8.12, “Search Preferences”. Choose a different report and use the drill-down context menus again.
  6. If you want a report for a different time-frame or region, then choose these at the top bar and click 'Recompute'.
  7. If you like a PDF of any report you created, click the PDF button at the top of the report.

Procedure 6.7. Using dashboards

  1. Choose whether you want to determine of all traffic or abnormal traffic. Choose a dashboard tab accordingly.
  2. Open up the dashboard category 'Connections' which show the categories of traffic directions. Choose whether you want to determine bandwidth of inbound, outbound, internal or all traffic. Choose a dashboard according to the above criterion.
  3. Choose the 'Volume' category of dashboards, which indicate bandwidth.
  4. Choose the 'Applications' dashboard. You will see a timeline bar chart of application bandwidth usages.
  5. There is a table below that which shows applications and other tabs. You may explore these other tabs.
  6. See bandwidth information given as 'Data transferred', 'Server to Client', or 'Client to Server' columns. Sort the table as needed by clicking on the column titles.
  7. You can click on any bar on the chart above and select drill-down context menu items to explore that particular application further to see which users/hosts are responsible for the usage of that application, etc.

Procedure 6.8. Using Search: Method 1

  1. Choose 'Search' tab. Refer to Section 4.6, “Searching into Data Streams” for help on how to use the search form to search into data streams.
  2. Select a data stream that you want to measure the bandwidth
  3. Leave the three search criteria blank or input any criteria you like.
  4. Choose a time frame and click on 'Report' or 'Table' button. Wait for report or table to render.
  5. If you rendered report, then one of the charts will show application bandwidth usage. If you rendered a table, one of the tabs will show applications and their bandwidth given as 'Data transferred', 'Server to Client', or 'Client to Server' columns.
  6. If you rendered a table, you may explore the different tabs of the table or sort the tables as needed by clicking on the column titles.
  7. Alternately, you can render other report or tables. Click on the 'Search preferences' button above the search form to open the dialog as described in Section 4.8.12, “Search Preferences”. Choose a detailed traffic table or a report such as 'Timeline: Hosts, Apps by Volume'. Then click on the 'Report' or 'Table' button to conduct a new search to obtain the newly chosen table or report template.
  8. If you have too many tabs open at the bottom, please click on 'Close tabs' button above the search form to close them.
  9. If you would like to see your search results better, you can collapse the search form using the button at the right end of the search toolbar.
  10. If you like a PDF of any report you created, click the PDF button at the top of the report.

Procedure 6.9. Using Search: Method 2, Specific Applications

  1. Choose the 'Search' tab. Refer to Section 4.6, “Searching into Data Streams” for help on how to use the search form to search into data streams.
  2. Select a data stream that you want to measure the bandwidth. Here, you can choose a sub data stream that refer to the application name that you may be interested in. This is accomplished by drilling down into the data streams tree and choosing 'All (more)...' and further choosing what you like.
  3. Choose 'Application category', 'Application', or 'Service port' as a search criterion. Choose an operator - it does not always have to be 'Equal'. You can use 'Like', 'Pattern Match', or anything else that makes sense. When you choose the value drop down box, you will get a list of possible values (not if you choose 'Service port'). You can also start typing in a few characters in the value box, and the matching values will appear in a a list. If values do not appear, you can reset the form and then start all over. They should then start to appear. Reloading the search page will also fix it.
    [Tip]Tip

    If you choose service ports, you can actually apply a range of service ports using two search criteria. For instance, the first criterion can input 'Greater than or equal 5000' and the second criterion can be 'Less than or equal 6000'. This will allow all ports from 5000 to 6000. You can also choose a protocol as the third criterion.

  4. Choose a time frame and click on the 'Report' , 'Graph', or 'Table' button. Wait for results to render.
  5. If you rendered report, then one of the charts will show application bandwidth usage. If you rendered a table, one of the tabs will show applications and their bandwidth given as 'Data transferred', 'Server to Client' or 'Client to Server' columns. Similarly, graphs show thin or thick edges indicating bandwidth usage.
  6. If you rendered a table, you may explore the different tabs of the table or sort the tables as needed by clicking on the column titles.
  7. Alternately, you can render other report or tables. Click on the 'Search preferences' button above the search form to open the dialog as described in Section 4.8.12, “Search Preferences”. Choose a detailed traffic table or a report such as 'Timeline: Hosts, Apps by Volume'. Then click on the 'Report' or 'Table' button to conduct a new search to obtain the newly chosen table or report template.

6.1.3.  How To Measure Bandwidth for Departments

In order to measure the bandwidth associated with departments, you will first need to define departments. One way to do that is using business groups. This is described in Section 3.1.5, “Business group” and Section 4.8.4, “Business Groups ”. One has to define them significantly earlier than the following procedure, since the definitions do not take effect retroactively. That means, any reporting you do after you change the definitions will be accurate, while all data prior to the change will contain the older definitions.

If you have organized departments using subnets, then you can follow the procedures in Section 6.1.1, “ How To Measure Bandwidth for Subnets”. Otherwise, follow the steps below assuming that you defined the departments using business groups.

Procedure 6.10.  Using standard reports

  1. Choose the 'Reports' tab. Open 'All traffic' or 'Abnormal traffic' based on what you are interested in for bandwidth measurement.
  2. Open 'Connections' and choose a direction. Then choose 'Volume' to indicate bandwidth. Choose a report that is titled 'Business groups for ...'. Scroll down and observe the charts produced.
  3. If you like to see further details on each bar or pie slice on the charts, click on one of interest and choose one of the several menu items in the context menu that pops up.
  4. Instead of Step 2, under Connections::...::Volume, one can choose 'Timelines' and choose a report, 'Client Business Groups...' or 'Server Business Groups...', to see another kind of report.
  5. Instead of Step 2, choose 'Business Groups' category of reports under 'All traffic' or 'Abnormal traffic', and then choose the name of the department (business group), under which you can find reports pertaining to that business group. Under that, there are several reports which you can peruse to see what activities are happening in that department.

Procedure 6.11. Using dashboards

  1. Choose either all traffic or abnormal traffic. Choose a dashboard tab accordingly.
  2. Open up the dashboard category 'Connections' which show the categories of traffic directions. Choose whether you want to determine the bandwidth of inbound, outbound, internal, or all traffic. Choose a dashboard according to the above criterion.
  3. Choose the 'Volume' category of dashboards, which indicate bandwidth.
  4. Choose the 'Locations' dashboard. On the table, click on the tab 'B-grps'. You can now see the client and server business groups.
  5. See bandwidth information given as 'Total data transferred', 'Server to Client', or 'Client to Server' columns. Sort the table as needed by clicking on the column titles.
  6. Instead of Step 2, Open the 'Business Groups' category of dashboards. Then explore the various dashboards that are available under the name of the department of your interest to see what activities are happening in that department.

Procedure 6.12. Using graphs

  1. Choose the 'Graphs' tab.
  2. Choose either all traffic or abnormal traffic. Choose a category of graphs accordingly.
  3. Open up the graph category 'Connections', which shows the categories of traffic directions. Choose whether you want to determine the bandwidth of inbound, outbound, internal, or all traffic. Choose a graph according to the above criterion.
  4. Choose the 'Volume' category of graphs, which indicate bandwidth.
  5. Choose the 'Business Groups' subcategory.
  6. The graph should render in a short while. The graph nodes are various business groups, and the edges show the traffic between them.
  7. If the edge-lines are thick, that means the bandwidth usage is high. Put the mouse over the edges to see details on the tooltips.
  8. The edges and nodes can be clicked for further drill down to get details on which hosts or applications are consuming more bandwidth etc.
  9. Instead of Step 3, Open the 'Business Groups' subcategory of graphs, Then explore the various graphs that are available under the name of the department of your interest to see what activities are happening in that department. For instance, one can see what other business groups are connected to from a given department.

Procedure 6.13. Using Search: Method 1

  1. Choose the 'Search' tab. Refer to Section 4.6, “Searching into Data Streams” for help on how to use the search form to search into data streams.
  2. Select a data stream that you want to measure the bandwidth by business group.
  3. Click on the 'Search preferences' button above the search form to open the dialog as described in Section 4.8.12, “Search Preferences”. Choose the report called 'Business groups by volume'. Choose the traffic table called 'Detailed traffic table'. Choose the graph called 'Business groups'.
  4. Leave the three search criteria blank or input any criteria you like.
  5. Choose a time frame and click on 'Report, 'Table' or 'Graph' button.
  6. If a table is rendered, choose 'B-grps' tab of the table to see bandwidth usage given in the table columns.
  7. Alternately, if you choose a graph, see the traffic between business groups according to the search criteria you chose. Click on the edges or nodes for further exploration using drill-down menus.
  8. If you chose a report, see the pie charts showing client and server business groups. Click on the charts for further exploration using drill-down menus.

Procedure 6.14. Using Search: Method 2, Specific Business Groups

  1. Choose the 'Search' tab. Refer to Section 4.6, “Searching into Data Streams” for help on how to use the search form to search into data streams.
  2. Select a data stream that you want to measure the bandwidth by business group.
  3. In the first search criterion, select a server or client business group as you like. Choose 'Equal', 'Like', or other meaningful operator. If you choose 'Like' operator, you can input values like 'Inter%' which try to match the first part of the business group name and allow anything for the last part. Refer to Section 4.6, “Searching into Data Streams” for help on the search operators.
    [Caution]Caution

    If you chose the 'Equal' operator, then the business group name should be input exactly as it is. After choosing client or server business group names in 'Field1', you can click on the drop down list box of values, and it should automatically populate it with the business group names. If you start typing into the value field, you will see a list of matching names.

  4. Add a second or third criterion as you like.
  5. Choose a time frame and click on 'Report', 'Graph', or 'Table' button. Wait for your search to return. The result show the traffic for the specific business groups you chose.
  6. You can choose to obtain other kinds of search results by choosing other report, graph, and table templates. In order to make this happen, click on the 'Search preferences' button above the search form to open the dialog as described in Section 4.8.12, “Search Preferences”.

6.1.4.  How To Look for Top Talkers

Procedure 6.15.  Using standard reports

  1. Choose the 'Reports' tab. Open 'All traffic' or 'Abnormal traffic' based on what you are interested in for bandwidth measurement.
  2. Open 'Connections' and choose a direction. Then choose 'Volume' to indicate bandwidth.
  3. Instead of Step 2 one can also choose 'Business Groups' or some other category and get to the 'Volume' sub-category.
  4. Choose a report that is titled 'Clients and Servers for ...' as you like. Scroll down and observe the report produced. The charts show top clients and servers.
    [Tip]Tip

    The top clients are determined by observing which hosts are responsible for the traffic. For instance, if there is a lot of web traffic, the clients which are pulling in the data are considered the top clients, although the traffic flow is from the web servers. We do not consider the web servers to be the top talker just because they emitted more bytes than the clients. The direction of the traffic is determined whenever possible and the hosts that start the conversation is considered to be responsible for the entire conversation and is assigned the name Client. Please refer to Section 3.1.12, “Servers and Clients ”.

  5. Instead of Step 4 one can also choose the 'Timelines' sub-category under 'Volume'. Then one can choose a report 'Clients for...' or 'Servers for...' and see the time lines and the top clients and servers.
  6. Just like in Using standard reports one can explore the reports by drilling down, etc.

Procedure 6.16. Using dashboards

  1. Choose either all traffic or abnormal traffic. Choose a dashboard tab accordingly.
  2. Open up one of the the dashboard categories 'Connections', Business Groups', or any other category that interests you. Choose the direction of traffic, business group name, or other sub-category which will lead you to a 'Volume' category of dashboards, which indicate bandwidth.
  3. Choose the 'Volume' category of dashboards, which indicate bandwidth.
  4. Look for the 'Clients' dashboard or 'Servers' dashboard. They will give the top clients and servers.
  5. You may also look at the table tabs on these dashboards called 'Clients' or 'Servers'. The tables on the dashboards show a shorter time duration while the charts are for longer time duration. Sort the table as needed by clicking on the column titles.

Procedure 6.17. Using graphs

  1. Choose either all traffic or abnormal traffic. Choose a category of graphs accordingly.
  2. Open up the graph category 'Connections' or any other category that interest you.
  3. Open sub-categories until you see 'Volume' which indicate bandwidth. Open it. Then choose the 'Hosts' type graph.
  4. The graph shows the top conversation pairs. Although the graph does not show the top clients, you can get a quick idea on the top conversation pairs by looking at the graph.
  5. You will need to look for thick graph edges, which indicate higher amounts of data flow. Put the mouse over the edges to see details on the tooltips.
  6. The edges and nodes can be clicked for further drill down to get details on which hosts or applications are consuming more bandwidth etc.

Procedure 6.18. Using Search

  1. Choose the 'Search' tab. Refer to Section 4.6, “Searching into Data Streams” for help on how to use the search form to search into data streams.
  2. Select a data stream that you want to observe the top clients for.
  3. If you have previously changed the standard search results, then click on the 'Search preferences' button above the search form to open the dialog as described in Section 4.8.12, “Search Preferences”. Choose a detailed traffic table. Then choose 'Timeline: Hosts, Apps by Volume' or 'Hosts, Apps by Volume' as the report. Choose 'Basic Traffic Table' as the table and 'Host Conversations' as the graph.
  4. Leave the three search criteria blank or input any criteria you like.
  5. Choose a time frame and click on the 'Report', 'Graph', or 'Table' button. Wait for search to return. The result show the clients as a chart in a report, or as a table with tabs named 'Clients', 'Servers' etc.
  6. As described in the previous procedures, you can explore and drill-down into the charts, make PDFs, etc.

6.1.5.  How To Measure Utilization for Routers

To be done...

Prev   Next
5.3. Problem Detection Customization Home 6.2. Problem identification How To's
Windows Help & PDF formats available hereVigiliti Systems, Inc.

Copyright © 2010-11 Vigiliti Systems, Inc.