Connectivity Checker
The Kentik portal's Connectivity Checker module is covered in the following topics:
- About Connectivity Checker
- Connectivity Checker Page
- Cloud Connectivity Dashboard
- Create Report Page
- Save Report Page
- Connectivity Report Page
- Manage Reports
Note: For general information about monitoring your cloud resources with Kentik, start with Cloud Overview.


About Connectivity Checker
An overview of the Connectivity Checker is provided in the following topics:
Purpose: | Analyze AWS or Azure metadata within your cloud environments to monitor the forward and returns paths between two points. |
Benefits: | - Provides a detailed map of the connection, highlighting any issues causing the connection to fail. - Offers a comprehensive view of routing and NACL/SG configurations. - Facilitates faster troubleshooting by providing direct links to misconfigured gateways or security policies. |
Use Cases: | - Monitoring cloud network paths for AWS and Azure. - Ad-hoc network connectivity tests within your cloud environments. |
Relevant Roles: | Network Engineer |
Connectivity Checker Overview
The Connectivity Checker workflow (Beta) analyzes AWS or Azure metadata collected from Kentik-monitored cloud environments and inventories subnets, instances, and VPCs to determine how they communicate. It then visualizes the forward and return paths between two points on your cloud network, helping you identify potential issues like dropped connections so that your network teams can quickly fix them.
Note: The Connectivity Checker does not establish network connections. Instead, it analyzes metadata from your cloud environment to simulate and illustrate the communication paths between two points.
Connectivity Checker Workflow
The workflow is composed of two main parts:
- Create Report: Use the Create Report Page to define parameters for your analysis. You can run an ad-hoc analysis or save it as a report for future reference.
- View Report: Saved reports appear in the Previously Run Reports table. Each listed report links to an individual Connectivity Report Page that provides a detailed connection analysis, including visualizations.
Connectivity Checker Page
The Connectivity Checker landing page enables access to the Connectivity Checker dashboards for each of the Kentik-supported cloud providers. The page includes the following UI elements:
- Preview: A tabbed pane showing a preview of the different Connectivity Checker pages:
- Report List: An image showing a Cloud Connectivity Dashboard.
- Report Detail: An image showing a Connectivity Report Page. - Description: A description of Connectivity Checker.
- Show AWS Dashboard: A button that takes you to the AWS Connectivity Checker dashboard.
- Show Azure Dashboard: A button that takes you to the Azure Connectivity Checker dashboard.
Cloud Connectivity Dashboard
The Connectivity Checker dashboards for AWS and Azure each include the same main UI elements:
- Create Report: A button that takes you to the Create Report Page.
- Previously Run Reports: A table that lists your Previously Run Reports.


Previously Run Reports
The Previously Run Reports table lists the reports that you have previously generated and saved. Click the heading of any column to sort the list, which includes the following columns:
- Reachability: Indicates whether there is a connectivity issue between the source and destination:
- Reachable (green checkmark): Connection is successful between the source and destination.
- Not reachable (red X): Connection is unsuccessful between the source and destination. - Report Name: The name of the report.
- Source: The source entity from which the connection path originates.
- Destination: The destination entity at which the connection path terminates.
- Last analysis date: The date the connection analysis was most recently performed.
- View Report: A button to take you to the Connectivity Report Page.
- Topology Date: The end time of the time range covered by the report (see End Time in Connectivity Report UI).
- Remove (trash icon): Opens a confirmation popup from which you can remove the report from the list of saved reports.
Create Report Page
The Create Report page is used to run a connectivity check between two endpoints.
The page contains the following UI elements:
- Name: The name of this report. If left blank, a report name will be autogenerated using the source and destination values.
- Source type: A drop-down that determines the type of the sources listed in the Source drop-down. Source types vary by cloud provider as follows:
- Network Interfaces (AWS only): AWS network interfaces.
- Subnets: AWS or Azure subnets.
- Instance (AWS only): AWS instances. - Source: A filterable drop-down listing cloud entities of the type selected with Source type. Each entity is represented by a card that includes its name (in bold) and additional Entity Details that vary depending on the Source type. Click on a card to choose the entity to use as the start point of the connectivity check.
- Target type: A drop-down that determines the type of the destinations listed in the Destination drop-down.
- Destination: A filterable drop-down listing cloud entities of the type selected with Target type. Each entity is displayed on a card that includes its name (in bold) and additional Entity Details that vary depending on the Target type. Click on a card to choose the entity to use as the destination of the connectivity check.
- Time Range: A drop-down that pops up the Custom Time Range Settings.
- Protocol: A filterable drop-down listing protocols (e.g. TCP and UDP). Click a protocol to use it for the connection check.
- Port: A field in which to enter the port used to establish the connection.
- Cancel: A button to cancel the report creation and exit the page.
- Run: A button to execute the analysis and generate the report, which opens in the Save Report Page.
Entity Details
As shown in the table below, the details included in an entity's card in the Source or Destination drop-down vary depending on the type of the entity.
Detail | Network Interfaces | Subnets | Instance | Description |
Name | Yes | Yes | Yes | The name of the source or destination. |
PrivateIpAddress | Yes | No | Yes | The private IP address. |
PublicIpAddress | No | No | Yes | The public IP address. |
PrivateDnsName | No | No | Yes | The private DNS name. |
PublicDnsName | No | No | Yes | The public DNS name. |
SubnetId | Yes | No | Yes | The subnet from which the connection path originates or terminates. |
VpcId | Yes | Yes | Yes | The Virtual Private Cloud from which the connection path originates or terminates. |
CidrBlock | No | Yes | No | The CIDR block from which the subnet originates or terminates. |
Save Report Page
The Save Report page is shown immediately after a report is created on the Create Report page. Except for an added Save Report button, the contents of this page will be the same as a Connectivity Report Page. Click the button to save the report. You'll then be taken to the corresponding Connectivity Report page, and the report will be added to the Previously Run Reports list on the Cloud Connectivity Dashboard for the cloud provider.
Connectivity Report Page
The Connectivity Report page is covered in the following topics:


Connectivity Report UI
The Connectivity Report page includes the following main UI elements:
- Connectivity check information: A set of fields across the top of the page that provide information about what was checked for the report (see Connectivity Check Information).
- Kentik AI Summary: A pane containing Kentik AI's summary of the connectivity report (see AI Connection Summary).
- Paths: Depictions of the sequence of entities traversed by traffic on the checked connection (see Connection Paths):
- Forward: Traversed entities from source to destination.
- Return: Traversed entities from destination to source.
Connectivity Check Information
The following fields across the top of the Connectivity Report page provide information about what was checked for the report:
- Source: The type (e.g. subnet) and name of the source entity from which the connection originates.
- Destination: The type and name of the destination entity at which the connection terminates.
- Port: The port used to establish the connection.
- Protocol: The protocol used to establish the connection.
- Last Run: The timestamp for when the report was created.
- Start Time: The timestamp for the start of the connection assessment period.
- End Time: The timestamp for the end of the connection assessment period.
Note: The names shown in the Source and Destination fields are links that open the entity's Network Explorer details page in a new browser tab (see Core Detail Pages).
AI Connection Summary
The pane at the left of the Connectivity Report page contains a summary by Kentik AI of the connection between the selected source and destination entities. The summary includes the following parts:
- Overview: A statement of the overall conclusion of the analysis.
- Analysis: A more detailed breakdown of the connection.
- Resolution: A statement of actions, if any, that could be taken to resolve any issues revealed by the connectivity check.
- Close Summary: A button that hides the summary pane.
Connection Paths
The Forward Paths and Return Paths panes each include the following UI elements:
- Path: A sequence of Transit Points for the connection, from source to destination or vice versa.
- Connection Visualization: A set of shaded rectangles representing a region and containing that region’s path entities (see Connection Visualization).
Transit Points
Each transit point on the path contains the following information:
- Type: The entity type for the transit point.
- ID: The ID of the entity.
- Copy: A button that copies the ID to the clipboard.
Note: If the connection check discovers an issue involving a transit point, the transit point will be marked with a red caution icon (triangle with exclamation point). Hovering on the icon will pop up a tool tip that indicates the nature of the problem.
Connection Visualization
This visualization represents the sequence of paths traversed by the connection, and includes the following UI elements:
- Region: Shaded rectangles that segment the visualization by region and show when a connection crosses regional boundaries.
- VPC (AWS only): Outlined rectangles within regions that group the connection points by VPC and show any entry or exit points.
- VN (Azure only): Outlined rectangles within regions that group the connection points by their VN.
- Transit Point: A rectangle for each entity. Click to open a popup with options for more information:
- AWS Map: Takes you to the AWS Cloud Topology view of Kentik Map.
- Azure Map: Takes you to the Azure Cloud Topology view of Kentik Map.
- Show in AWS Console: Takes you to the AWS console (sign-in page unless you are already signed into the AWS account).
Note: If the connection check discovers an issue involving a transit point, the transit point's outline will be red.
Manage Reports
The following topics describe how to manage Connectivity Checker reports:
Run a Connectivity Report
You can start a connectivity report from two locations in the Kentik portal:
- Directly from the Cloud Connectivity Dashboard of a given cloud provider (AWS or Azure);
- From the provider's Cloud Topology view in the Kentik Map.
Once run, a report started in either location can be saved by clicking the Save button on the Save Report Page. The saved report will open on a Connectivity Report page, and the report will be added to the Previously Run Reports list on the Cloud Connectivity Dashboard for the cloud provider.
Run from Connectivity Checker
To run a connectivity check from within the Connectivity Checker:
- On the portal main menu, click Connectivity Checker under Cloud.
- On the Connectivity Checker landing page, click the Show Dashboard button corresponding to the Cloud provider (AWS or Azure).
- On the provider's dashboard, click the Create Report button to open the Create Report page.
- Specify the values of the fields in the Create Report Page.
- Click the Run button to run the analysis, which will open on the Save Report Page.
Run from Kentik Map
To run a connectivity check from the Kentik Map:
- On the portal main menu, click Kentik Map in the list of featured modules at the left.
- In the Clouds block at the upper left of the Kentik Map, click the cloud provider (AWS or Azure) and choose View Topology from the resulting popup.
- On the Cloud Topology view, click a VPC or subnet object and choose Connectivity Checker from the resulting popup. This will take you to the Create Report Page with the Source type and Source fields already specified.
- Specify the values of the remaining fields (see Create Report Page).
- Click the Run button to run the analysis, which will open on the Save Report Page.
Remove a Connectivity Report
To remove a saved Connectivity Checker report:
- On the portal main menu, click Connectivity Checker under Cloud.
- On the Connectivity Checker landing page, click the Show Dashboard button corresponding to the Cloud provider (AWS or Azure).
- Locate the report in the Previously Run Reports list.
- Click the Remove button (trash icon) at the right of the row.
- In the confirmation popup, click Remove to delete the report. The popup will close, and the report will be removed from the list.