cardigliano
commented
7 months ago @jcsdwes are you referring to Live Flows or Historical Flows? (what you want to do is already possible in Historical Flows)
Open jcsdwes opened 7 months ago
cardigliano
commented
7 months ago @jcsdwes are you referring to Live Flows or Historical Flows? (what you want to do is already possible in Historical Flows)
jcsdwes
commented
7 months ago @cardigliano Live flows. I don't see the options in historical flows either for that matter but I am obviously missing something since you say it is there
jcsdwes
commented
7 months ago This is Enterprise M with nProbe Enterprise M by the way
MatteoBiscosi
commented
7 months ago Hi @jcsdwes in the historical flows, this is available by changing the operator, if multiple filters of the same value are applied, then they are going to be in OR, see screenshots below.
For the live flows currently it is not available, but we are thinking of a way to add it
jcsdwes
commented
7 months ago @MatteoBiscosi Thanks, I figured out my historical flows weren't even turned on, so I setup the database or whatever and got those turned on. That doesn't resolve the live flows of course but still helps
I have about 6k flows and am finding the flows difficult to navigate and filter with the current options.
I would like to see inverse filtering available, for example show me everything except http.
I would like to see the option to select multiple filters in the column, for example I want to see everything TCP AND UDP.
Really, a AND, OR, NOT filter would probably be helpful so I can say show me only client xxxx (which you can't do at all right now from the live flows), and L7 HTTP or HTTPS, and Host Internal but NOT vlan 1000
Thanks