You can view traffic sessions on virtual machines within the specified time span. The last 24 hours of data are displayed by default, the minimum time span is one hour and the maximum is two weeks.
Before you begin
Flow monitoring data is only available for virtual machines in clusters that have the network virtualization components installed and firewall enabled. See the NSX Installation Guide.
- Log in to the vSphere Web Client.
- Select Networking & Security from the left navigation pane and then select Flow Monitoring.
- Ensure that you are in the Dashboard tab.
- Click Flow Monitoring.
The page might take several seconds to load. The top of the page displays the percentage of allowed traffic, traffic blocked by firewall rules, and traffic blocked by SpoofGuard. The multiple line graph displays data flow for each service in your environment. When you point to a service in the legend area, the plot for that service is highlighted.
Traffic statistics are displayed in three tabs:
Top Flows displays the total incoming and outgoing traffic per service over the specified time period based on the total bytes value (not based on sessions/packets). The top five services are displayed. Blocked flows are not considered when calculating top flows.
Top Destinations displays incoming traffic per destination over the specified time period. The top five destinations are displayed.
Top Sources displays outgoing traffic per source over the specified time period. The top five sources are displayed.
- Click the Details by Service tab.
Details about all traffic for the selected service is displayed. The Allowed Flows tab displays the allowed traffic sessions and the Blocked Flows tab displays the blocked traffic.
You can search on service names.
- Click an item in the table to display the rules that allowed or blocked that traffic flow.
- Click the Rule Id for a rule to display the rule details.