Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1419
Views
0
Helpful
1
Replies

How does MARS calculate "bytes transmitted" for a session?

tar_mynastyr
Level 1
Level 1

‎05-24-2011 08:12 AM

Hi All

Recently I was playing with NetFlow and Query Result types and thought to myself: How does MARS calculate "bytes transmitted" for a session? As we know, MARS does not store NetFlow records into DB by default. So, does MARS maintain some other data structure, which is populated with "bytes transmitted" values taken from NetFlow events? Or maybe NetFlow events are not considered when evaluating a query with "bytes transmitted" result type, but rather some other event types are used instead?

Could anyone please shed some light on the topic? Thanks in advance!

Labels:
0 Helpful
1 Reply 1

Farrukh Haroon
VIP Alumni
VIP Alumni

‎06-16-2011 07:24 AM

This type of information is usually collected from firewall events (syslogs)

Alternateively the same can be done by adding the netflow samples report for the same session (tuple).

Regards


Farrukh

0 Helpful
Customers Also Viewed These Support Documents