Defining exclusions

To avoid unnecessary Alarms and excessive processing load on the system, certain devices or traffic should be excluded from monitoring by specific FA algorithms.

Plixer Scrutinizer’s factory configuration includes four IP Groups that are defined as exclusions under the appropriate algorithms:

• DNS servers

• Public WiFi

• Network Scanners

• SNMP Pollers

These IP Groups should be populated with the correct Exporters to optimize Flow Analytics monitoring and reporting.

Adding exclusions to an FA algorithm

FA algorithms can also be configured with additional exclusions beyond those defined under the above-mentioned IP Groups. This is done via the algorithm’s configuration tray from the Admin > Alarm Monitor> Flow Analytics Configuration page.

Exclusions can be defined by IP address, IP range, subnet, domain (via reverse DNS), or IP Group.

Hint

The default IP Group exclusions for an algorithm are also displayed under the Exclusions section of the configuration tray.