SPP
SPP Overview
Note: SPP Traffic Graphs have been moved to Monitor >Traffic Monitor > SPP.
FortiView SPP displays a per-SPP summary graph view of traffic by:
-
Countries: Traffic by country
Only Source IPs that make fully established TCP connections are included in this graph since incomplete TCP sessions and UDP sources can be easily spoofed, providing false information.
-
Attacks: Drops of all types associated with the selected SPP
Graphs displayed are modified by three pull-down menus:
- SPP to Display
- Period of display (1 hour to 1 year)
- Direction
Countries Graph
The Countries graph and table provides geolocation information for the top Source/Destination countries of passed (Egress) traffic based on the global page modifiers for Time Period and Direction.
The Countries graph includes the following modifiers:
- Select Packets (pps) or Bits (bps)
- Select Linear or Logarithmic Y-axis views. Logarithmic selection allows a better view if there is a very large differential between the various graph parameters.
- Refresh the graph. Most FortiDDoS graphs do not auto-refresh
- Highlight the various Country sub-graphs off or on by rolling the cursor over the X-axis labels.
- Roll the cursor over the graph to reveal a tool tip with precise traffic details for any point on the graph. Note: The tool tip must be on a reporting point for the details to display. For example, for a 1 hour graph, the tool tip must be over a 5-minute mark for display traffic information.
Attacks Graph and Table
The Attacks graph and table provide periodic and aggregate drop information for all attacks seen in the SPP over the graph period. The modifiers for this graph are the same as those for the Countries graph.
The Attacks table provides a summary list of all attacks seen over the full graph period (in the example above, the full graph period is one week) with total dropped packets or bits for the graph period. The table follows the modifiers of the graph.