ER Dashboard Template
An enterprise router connects VPCs and on-premises networks to build a central hub network that features high-specification, high-bandwidth, and high-performance. Enterprise routers use the Border Gateway Protocol (BGP) to learn routes, dynamically select routes, or switch between connections, thereby significantly improving network scalability and O&M efficiency and ensuring service continuity.
LTS provides a one-stop wizard to collect enterprise router logs. It also supports multi-dimensional analysis and structuring, and offers a dashboard for enterprise router logs. This dashboard displays data such as the top 20 packets, top 20 traffic, and number of flow logs in enterprise router logs.
Prerequisites
- Flow logs have been collected from Enterprise Router. For details, see Ingesting Enterprise Router Logs to LTS.
- Logs have been structured. For details, see Setting Cloud Structuring Parsing.
Enterprise Router Flow Log Center
- Log in to the LTS console.
- In the navigation pane, choose Dashboards.
- Choose ER dashboard templates under Dashboard Templates and click Enterprise Router Flow Log Center to view the chart details.
- Filter by instance ID. The associated query and analysis statement is:
SELECT DISTINCT(instance_id)
- Filter by attachment ID. The associated query and analysis statement is:
SELECT DISTINCT(resource_id)
- Traffic Flow. You can filter the traffic data by ingress and egress. The associated query and analysis statement is:
- Filter by source IP address. The associated query and analysis statement is:
SELECT DISTINCT(srcaddr)
- Filter by destination IP address. The associated query and analysis statement is:
SELECT DISTINCT(dstaddr)
- Filter by protocol. The associated query and analysis statement is:
SELECT DISTINCT(protocol)
- Top 20 by Packets. The associated query and analysis statement is:
SELECT "srcaddr" as "Source IP", "dstaddr" as "Destination IP", sum("packets") as "Packets", "resource_id" as "Attachment ID", "instance_id" as "Instance ID" group by "instance_id", "resource_id", "srcaddr", "dstaddr" order by "Packets" desc limit 20 - Top 20 by Traffic. The associated query and analysis statement is:
SELECT "srcaddr" as "Source IP", "dstaddr" as "Destination IP", sum("bytes") as "Bytes", "resource_id" as "Attachment ID", "instance_id" as "Instance ID" group by "instance_id", "resource_id", "srcaddr", "dstaddr" order by "Bytes" desc limit 20 - Flow Logs. The associated query and analysis statement is:
select time_series(__time, 'PT1H', 'yyyy-MM-dd HH:mm:ss', '0', '+08:00') as "Time", count(*) as "Flow Logs" group by "Time" order by "Time"
- Flow Log Details. The associated query and analysis statement is:
SELECT "instance_id" as "Instance ID", "resource_id" as "Attachment ID", "project_id" as "Project ID", "srcaddr" as "Source IP", "dstaddr" as "Destination IP", "srcport" as "Source Port", "dstport" as "Destination Port", "protocol" as "Protocol", "direct" as "Traffic Flow", "packets" as "Packets", "bytes" as "Bytes", TIME_FORMAT( MILLIS_TO_TIMESTAMP("start"*1000), 'yyyy-MM-dd HH:mm:ss', '+08:00') as "Started", TIME_FORMAT( MILLIS_TO_TIMESTAMP("end"*1000) , 'yyyy-MM-dd HH:mm:ss', '+08:00') as "Ended"
- Filter by instance ID. The associated query and analysis statement is:
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
