# Traffic Overview

## Preview <a href="#preview" id="preview"></a>

![](/files/tAuzNm8dLMNgsZXjJNFg)

## Overview <a href="#overview" id="overview"></a>

**Purpose**: The Traffic Overview dashboard provides insights into network traffic patterns, including bitrate, packet rate, flow rate, protocol and port distributions, and TCP flag usage. This dashboard helps network administrators monitor overall traffic, analyze source and destination data, and detect unusual patterns in real time.

**Components**: The dashboard includes the following visualizations:

* **Bitrate**
* **Packets Rate**
* **Flow Rate**
* **Flow Spiral**
* **Source IP Cardinality**
* **Site**
* **Source Country**
* **Protocol Breakdown**
* **Port Breakdown**
* **TCP Flag Distribution**

## Getting Here <a href="#getting-here" id="getting-here"></a>

1. From the main menu, go to **Dashboards > All**.
2. Select the **System** tab from the top navigation.
3. Click on **Traffic Overview**.

## Main Points <a href="#main-points" id="main-points"></a>

**Usage Scenarios**: This dashboard is ideal for monitoring traffic flow, analyzing protocol and port usage, and tracking the distribution of TCP flags. It assists network administrators in identifying bandwidth usage patterns, understanding traffic sources, and detecting anomalies.

**Best Practices**: Regularly review the bitrate, flow rate, and packet rate to track bandwidth and detect traffic spikes. Use the protocol and port breakdown to understand the composition of traffic, and monitor TCP flag distribution for insights into session behavior.

## Charts <a href="#charts" id="charts"></a>

### Bitrate <a href="#bitrate" id="bitrate"></a>

**Description**: A line chart displaying network bitrate over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Bitrate in Gbps.

**Usage**: Use this chart to monitor network throughput and detect fluctuations that may indicate changes in network load or potential issues.

### Packets Rate <a href="#packets-rate" id="packets-rate"></a>

**Description**: A line chart showing the rate of packets transmitted over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Packets per second (pps).

**Usage**: Helps in tracking the packet transmission rate, which can provide insights into network activity and load.

### Flow Rate <a href="#flow-rate" id="flow-rate"></a>

**Description**: A line chart representing the flow rate in the network.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Flow rate in flows per second (fps).

**Usage**: Useful for observing changes in the number of flows, which may indicate network events or traffic surges.

### Flow Spiral <a href="#flow-spiral" id="flow-spiral"></a>

**Description**: A spiral chart visualizing traffic flow patterns over time.

**Key Elements**:

* **Spiral Rings**: Each ring represents a time slice.
* **Color Coding**: Indicates traffic volume in different time segments.

**Usage**: Helps in identifying recurring patterns or irregularities in traffic over a 24-hour period.

### Source IP Cardinality <a href="#source-ip-cardinality" id="source-ip-cardinality"></a>

**Description**: A line chart showing the number of unique source IPs over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Unique source IP count.

**Usage**: Monitors IP diversity, which can indicate the variety of traffic sources in the network.

### Site <a href="#site" id="site"></a>

**Description**: A line chart displaying traffic from different sites over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Bitrate in Gbps.

**Usage**: Useful for monitoring traffic by site, allowing administrators to track network load across different locations.

### Source Country <a href="#source-country" id="source-country"></a>

**Description**: A line chart showing traffic volume from various countries over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Bitrate in Gbps.
* **Country Labels**: Indicate the source countries.

**Usage**: Helps in identifying the geographic origins of traffic, which may be relevant for security monitoring and compliance.

### Protocol Breakdown <a href="#protocol-breakdown" id="protocol-breakdown"></a>

**Description**: A bar chart showing the distribution of traffic by protocol.

**Key Elements**:

* **Bars**: Each bar represents a protocol (e.g., TCP, UDP, ICMP), with length indicating traffic volume.

**Usage**: Useful for understanding the protocol composition of network traffic, which can aid in troubleshooting and performance analysis.

### Port Breakdown <a href="#port-breakdown" id="port-breakdown"></a>

**Description**: A bar chart showing the distribution of traffic by port.

**Key Elements**:

* **Bars**: Each bar represents a port, with length indicating traffic volume.

**Usage**: Provides insights into frequently used ports, helping in identifying popular services and potential attack targets.

### TCP Flag Distribution <a href="#tcp-flag-distribution" id="tcp-flag-distribution"></a>

**Description**: A scatter plot displaying the distribution of TCP flags over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Flag type.
* **Points**: Each point represents a TCP flag (e.g., ACK, SYN, FIN).

**Usage**: Useful for analyzing session behavior and identifying unusual patterns in TCP flags that may indicate network issues or scanning activity.

## Interpreting the Data <a href="#interpreting-the-data" id="interpreting-the-data"></a>

**Traffic Load**: The **Bitrate**, **Packets Rate**, and **Flow Rate** charts provide insights into the network load and can help identify periods of high traffic.

**Protocol and Port Usage**: The **Protocol Breakdown** and **Port Breakdown** charts reveal the distribution of traffic by protocol and port, which is useful for understanding network composition and spotting anomalies.

**Geographic and Source Diversity**: The **Source Country** and **Source IP Cardinality** charts help track the diversity of traffic origins, supporting security and compliance monitoring.

**TCP Session Analysis**: The **TCP Flag Distribution** chart provides a granular view of TCP flag usage, which can help detect session-related issues or abnormal traffic patterns.

## Additional Features <a href="#additional-features" id="additional-features"></a>

**Metric Selection**: Users can select specific metrics, such as bitrate, to customize the view for different aspects of network traffic.

**Time Range**: The dashboard allows users to adjust the time range, facilitating a detailed analysis of recent or historical traffic data.

**Interactive Elements**: The SYNC HOVER feature enables synchronized analysis across charts, providing a cohesive view of related metrics and patterns.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fusion.vectra.ai/dashboards/system/traffic-overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.