Device-specific Metrics

Device-specific metrics are covered in the following topics:

• About Device-specific Metrics
• Cisco ASA Metrics
• Cisco Meraki Metrics
• Cisco Zone-based Firewall
• Silver Peak Metrics

Notes:
- The categorization of metrics in the topics below corresponds to the categories by which they are grouped in the Metrics dialog (see Metrics Dialog UI).
- For general information about metrics in Kentik, see About Metrics.
- For metrics that aren't transmitted via a flow protocol, see Non-flow Metrics.
- Metrics that are available as filter or group-by dimensions are covered in the KB's Dimensions Reference (see Per-flow Metrics).
- In addition to being used for query settings in the Kentik portal, metrics are also used for the Query API.

Device-specific metrics are metrics that are generated and stored in KDE only for certain types of devices (physical or virtual). These metrics are stored in Kentik using Universal Data Records (UDR), allowing flexible allocation of data to the columns of the Kentik Data Engine.

Note: UDR metrics have no persistent KDE columns.

These metrics represent traffic volume of flow through Cisco Adaptive Security Appliances (ASA), which may be standalone appliances, blades, or virtual appliances. ASA uses bidirectional flow records in which the "initiator" (source) is the entity that initiates a request and the "responder" (destination) is the entity that replies with a response.

Notes:
- These KDE flow fields store a sum for the flow, which is used to derive the Average, 95th Percentile, and Max numbers that return from queries (e.g. the columns of the tables returned in Data Explorer).
- For more context on these dimensions, see the Cisco document ASA NetFlow Implementation Guide.

Like Cisco ASA, Cisco Meraki uses bidirectional flow records. Kentik's Meraki-specific UDR fields, listed below, store the volume of the flow's "responder" (destination) traffic, whose direction is from the Meraki firewall back to the "initiator" (source) of a request. These fields correspond to the OUT_BYTES and OUT_PKTS data fields in Meraki's NetFlow Version 9 Templates.

Note:
- These KDE flow fields store a sum for the flow, which is used to derive the Average, 95th Percentile, and Max numbers that return from queries (e.g. the columns of the tables returned in Data Explorer).
- The volume from the initiator to the responder is stored in the standard KDE metrics fields in_bytes and in_packets (see General Metrics).

These metrics represent traffic volume of flow through Zone-based Firewalls (ZFW) on Cisco IOS devices. ZFW uses bidirectional flow records in which the "initiator" (source) is the entity that initiates a request and the "responder" (destination) is the entity that replies with a response.

Notes:
- These KDE flow fields store a sum for the flow, which is used to derive the Average, 95th Percentile, and Max numbers that return from queries (e.g. the columns of the tables returned in Data Explorer).
- For more context on these dimensions, see the Cisco document Zone-based Policy Firewall Guide.

These metrics represent App Performance Information elements available from Silver Peak appliances running VXOA software (version 8.21 or higher), which is described in this Silver Peak white paper.