/
opFlowSP API v1 Notes

opFlowSP API v1 Notes

Dec 09, 2019

TopN

Group By Options

The information provided by the opFlowSP API can be filtered to that information provided under opFlowSP  TopN Options.

  • The opFlowSP primary option group_by changes to implement these filters;

  • The opCharts template also changes as follows:

    • The template name property must change to an appropriate string as each template name  needs to be different;

    • The template options{titleText} should change to an appropriate string value too;

    • The template external_url should change as follows:

      • external_url changes from the # character and is exactly that provided at the end of the URL in the browser addressbar for each option at opFlowSP->View->TopN->Options;

    • the template table_schema changes for each option as per the JSON returned by opFlowSP:

      • table_schema does require analysing the JSON returned by opFlowSP and setting table schema to best reflect the equivalent columnar structure in opFlowSP TopN Options.

Top Applications View

"group_by" : ["application"]

Example:

Top Application Sources View

"group_by" : ["src_ip","application"]

Example:

Top Application Conversations View

"group_by" : ["src_ip","dst_ip","application"]

Top Listeners View

"group_by" : ["dst_ip"]

Top Protocols View

"group_by" : ["proto"]

Top Talkers View

"group_by" : ["src_ip"]

Example:

Top TOS View

"group_by" : ["tos"]