End user traffic distribution by hosts shows the contribution of top hosts (individual IP addresses) to the traffic made by specific end user. Data which was sent by the End user is classified as Upload traffic, while data which was received by the end user is classified as Download traffic.

Traffic for one user is presented as the sum of the traffic from all IP addresses he used during the certain time window.

To view this traffic:

  1. Choose a node type End Users from the accordion in the Menu Panel
  2. Select desired domain and username from the Node Tree
  3. Choose Host from the Tab panel

 

NetVizura NetFlow Analyzer - End User Traffic by Hosts

In the screenshot above, we see that Administrator logged on to the network at 11:30 and had a huge download from X.X.13.230. at 12:15.

Each host IP address is resolved to corresponding hostname over DNS, and for each non-private IP address Whois lookup is perfomed. Data can be viewed in a tooltip, displayed when hovering over specific host. Whois data contains information about the organization which owns the IP subnet the host is part of, as well as the AS number, additional descriptions, country and other location related information for that host.

NetVizura NetFlow Analyzer - End Users Traffic by Host Whois

To understand host traffic in general, read more at Distribution by Hosts.

 

  • No labels