Monitor graphs overview
You use the Monitor graphs to track trends in throughput rates, source and destination traffic, connections, and drops related to FortiDDoS detection and prevention settings.
The Monitor graphs menu includes the following categories:
• Port statistics
• Aggregate drops
• Flood drops
• ACL drops
• Anomaly drops
• Hash attack drops
• Out of Memory drops
• Layer 3 threshold rate meters and counters
• Layer 4 threshold rate meters and counters
• Layer 7 threshold rate meters and counters
Each category includes one or more graphs, and each graph plots multiple queries. In addition, graphs can be queried by SPP, time, and traffic direction (when relevant).
The multiple views and granular filters are useful for comparing and contrasting trends broadly, and for drilling into details. For example, you can use the Aggregate drops graph to get an overall picture on security events and see whether to review ACL graphs, flood graphs, or anomalies graphs next.
Figure 46 is an example of a monitor graph. It shows the following information for the selected SPP, parameter, period, and direction:
• Threshold—The configured minimum threshold (matches the setting on the Protection Profiles > Thresholds > Thresholds page).
• Throughput—A graph of the throughput rate for the selected protocol during the time period.
• Packets dropped—A graph of packets dropped because the threshold was exceeded.
• Packets blocked—A graph of packets blocked due to the application of blocking periods.
• Data resolution—Whether data points for the graph are rolled up in 5 minute, 1 hour, 3 hour, or 45 hour windows.
Figure 47 shows an infotip that is displayed when the mouse pointer hovers over a point in the graph. The infotip has details about that data point.