Device-specific Metrics

Device-specific metrics are covered in the following topics:

Notes:
- The categorization of metrics in the topics below corresponds to the categories by which they are grouped in the Metrics dialog (see Metrics Dialog UI).
- For general information about metrics in Kentik, see About Metrics.
- For metrics that aren't transmitted via a flow protocol, see Non-flow Metrics.
- Metrics that are available as filter or group-by dimensions are covered in the KB's Dimensions Reference (see Per-flow Metrics).
- In addition to being used for query settings in the Kentik portal, metrics are also used for the Query API.

 

About Device-specific Metrics

Device-specific metrics are metrics that are generated and stored in KDE only for certain types of devices (physical or virtual). These metrics are stored in Kentik using Universal Data Records (UDR), allowing flexible allocation of data to the columns of the Kentik Data Engine.

Note: UDR metrics have no persistent KDE columns.

 

Cisco ASA Metrics

These metrics represent traffic volume of flow through Cisco Adaptive Security Appliances (ASA), which may be standalone appliances, blades, or virtual appliances. ASA uses bidirectional flow records in which the "initiator" (source) is the entity that initiates a request and the "responder" (destination) is the entity that replies with a response.

Notes:
- These KDE flow fields store a sum for the flow, which is used to derive the Average, 95th Percentile, and Max numbers that return from queries (e.g. the columns of the tables returned in Data Explorer).
- For more context on these dimensions, see the Cisco document ASA NetFlow Implementation Guide.

Metric name (portal) Description Type:
value
column
Initiator Bytes The bytes going from the initiator to the responder. integer
UDR
Responder Bytes The bytes going from the responder to the initiator. text
UDR

 

Cisco Meraki Metrics

Like Cisco ASA, Cisco Meraki uses bidirectional flow records. Kentik's Meraki-specific UDR fields, listed below, store the volume of the flow's "responder" (destination) traffic, whose direction is from the Meraki firewall back to the "initiator" (source) of a request. These fields correspond to the OUT_BYTES and OUT_PKTS data fields in Meraki's NetFlow Version 9 Templates.

Note:
- These KDE flow fields store a sum for the flow, which is used to derive the Average, 95th Percentile, and Max numbers that return from queries (e.g. the columns of the tables returned in Data Explorer).
- The volume from the initiator to the responder is stored in the standard KDE metrics fields in_bytes and in_packets (see General Metrics).

Metric name (portal) Description Type:
value
column
Out Bytes Number of bytes leaving the firewall for this flow. integer
UDR
Out Packets Number of packets leaving the firewall for this flow. integer
UDR

 

Cisco Zone-based Firewall

These metrics represent traffic volume of flow through Zone-based Firewalls (ZFW) on Cisco IOS devices. ZFW uses bidirectional flow records in which the "initiator" (source) is the entity that initiates a request and the "responder" (destination) is the entity that replies with a response.

Notes:
- These KDE flow fields store a sum for the flow, which is used to derive the Average, 95th Percentile, and Max numbers that return from queries (e.g. the columns of the tables returned in Data Explorer).
- For more context on these dimensions, see the Cisco document Zone-based Policy Firewall Guide.

Metric name (portal) Description Type:
value
column
Initiator Bytes The bytes going from the initiator to the responder. integer
UDR
Responder Bytes The bytes going from the responder to the initiator. text
UDR

 

Silver Peak Metrics

These metrics represent App Performance Information elements available from Silver Peak appliances running VXOA software (version 8.21 or higher), which is described in this Silver Peak white paper.

Metric name (portal) Description Type:
value
column
Network To Server Delay The delay, in microseconds, from the network to the server. integer
UDR
Network To Client Delay The delay, in microseconds, from the network to the client. integer
UDR
Client To Server Response Delay The total delay, in microseconds, from client to server. integer
UDR
© 2014- Kentik
In this article:
×