How reports work¶
Plixer Scrutinizer Reports automatically aggregate network metadata from any number of observation points based on a specified report type/template.
Reports in Plixer Scrutinizer are network metadata aggregations based on user-configured parameters and options. This allows reports to be tailored to support any network or security use case and refined to meet more precise visibility requirements.
Report settings¶
The output of a report in Plixer Scrutinizer is controlled by the following settings:
Network devices
When a report is run, Plixer Scrutinizer aggregates data collected from one or more user-specified network devices or interfaces. These function as the user’s “observation points” and determine the scope of the data to be included in the report.
Report types
The base type of a report determines how network metadata from the selected observation points is aggregated (i.e., by X).
When creating a new report configuration or refining report results, report types can be displayed by category for ease of navigation. These categories include:
Core
Client ServerCountsDestinationFQDNFirewall EventsSourceTopVitalsVolumeSummaryIntegration-/vendor-specific
AWSAzureFlowPro DefenderFlowPro APMPalo Alto NetworksTo further simplify report type selection, types are also classified under the supplementary categories Recommended, Favorites, and Designed Reports.
Hint
Available report types vary based on the devices included in the Plixer Scrutinizer environment and those that have been selected as observation points for a report. Additional report types may also become available when certain integrations are configured/enabled for the Plixer Scrutinizer environment.
Time range/window
By default, reports are configured to aggregate data from the past 24 hours. However, this can be changed to a different last X window (e.g., last 5 minutes, last week, etc.) or a custom date and time range.
Hint
When a Last X time window is selected, clicking the up or down arrow will automatically shift the date/time period covered backward or forward.
Additional filters
The scope of the flow data aggregated by a report can be further limited or expanded through the use of additional filters, which can be defined both during the configuration of a new report and after any report has been run.
Graph type
The output of a report includes a graph or chart plotting the top ten aggregations. The user is able to switch between the available graphs or diagrams (based on the report type) to display a visualization that best suits their current objective.
Plixer Scrutinizer Reports can be set to use any of the following graph/chart types for visualization:
Line
Stacked line
Stacked bar
Step
Stacked step
Pie
Matrix
Connection
Sankey
Donut
Note
Graph options vary based on the report type.
Custom Reports
To learn more about creating custom Reports, see this subsection on the Report Designer.
Report results/output¶
The results/output view of a report is divided into two main sections: the graph and a paginated table where the complete data set can be reviewed.
Hint
The graph can be hidden by selecting Hidden when creating a new report configuration or using the Hide setting under Graphs in the Options tray.
After a report is run, the results can be continuously refined by modifying its settings from the output view. Report management tools and other auxiliary report functions can also be accessed from this page.
Additional options
The Options tray (gear button) can be used to access the following submenus related to the report:
Global
General display settings for the current report; can also be used to manually select the summary table/bucket to pull data from for the report
Graph
Show or hide the graph in the main output view (Hidden can also be selected from the main view dropdown to hide the graph)
Table
Show or hide the peak and/or 95th percentile columns in the results table
Threshold
Configure an alarm-generating threshold based on the column the report is currently sorted by
Details
View the report’s JSON output or additional details about the Exporters or Collectors used
Hint
Use the Copy to clipboard button to copy a report’s JSON output for reporting APIs.
Note
When the global Data Source setting is set to auto, Plixer Scrutinizer will automatically use the most suitable summary table to pull data from based on the time window of the current report.