Prisma SD-WAN
Flow Detail
Table of Contents
Expand All
|
Collapse All
Prisma SD-WAN Docs
-
-
- Prisma SD-WAN Key Elements
- Prisma SD-WAN Releases and Upgrades
- Use Copilot in Prisma SD-WAN
- Prisma SD-WAN Summary
- Prisma SD-WAN Application Insights
- Device Activity Charts
- Site Summary Dashboard
- Prisma SD-WAN Predictive Analytics Dashboard
- Prisma SD-WAN Link Quality Dashboard
- Prisma SD-WAN Subscription Usage
-
-
- Add a Branch
- Add a Data Center
- Add a Branch Gateway
- Secure Group Tags (SGT) Propagation
- Configure Circuits
- Configure Internet Circuit Underlay Link Aggregation
- Configure Private WAN Underlay Link Quality Aggregation
- Configure Circuit Categories
- Configure Device Initiated Connections for Circuits
- Add Public IP LAN Address to Enterprise Prefixes
- Manage Data Center Clusters
- Configure Secure SD-WAN Fabric Tunnels between Data Centers
- Configure a Site Prefix
- Configure Ciphers
- Configure a DHCP Server
- Configure NTP for Prisma SD-WAN
- Configure the ION Device at a Branch Site
- Configure the ION Device at a Data Center
- Switch a Site to Control Mode
- Allow IP Addresses in Firewall Configuration
-
- Configure a Controller Port
- Configure Internet Ports
- Configure WAN/LAN Ports
- Configure a Sub-Interface
- Configure a Loopback Interface
- Add and Configure Port Channel Interface
- Configure a PoE Port
- Configure and Monitor LLDP Activity and Status
- Configure a PPPoE Interface
- Configure a Layer 3 LAN Interface
- Configure Application Reachability Probes
- Configure a Secondary IP Address
- Configure a Static ARP
- Configure a DHCP Relay
- Configure IP Directed Broadcast
- VPN Keep-Alives
-
- Configure Prisma SD-WAN IPFIX
- Configure IPFIX Profiles and Templates
- Configure and Attach a Collector Context to a Device Interface in IPFIX
- Configure and Attach a Filter Context to a Device Interface in IPFIX
- Configure Global and Local IPFIX Prefixes
- Flow Information Elements
- Options Information Elements
- Configure the DNS Service on the Prisma SD-WAN Interface
- Configure SNMP
-
-
- Prisma SD-WAN Branch Routing
- Prisma SD-WAN Data Center Routing
-
- Configure an OSPF in Prisma SD-WAN
- Enable BGP for Private WAN and LAN
- Configure BGP Global Parameters
- Global or Local Scope for BGP Peers
- Configure a Route Map
- Configure a Prefix List
- Configure an AS Path List
- Configure an IP Community List
- View Routing Status and Statistics
- Distribution to Fabric
- Host Tracking
-
- Configure Multicast
- Create, Assign, and Configure a WAN Multicast Configuration Profile
- Configure Global Multicast Parameters
- Configure a Multicast Static Rendezvous Point (RP)
- Learn Rendezvous Points (RPs) Dynamically
- View LAN Statistics for Multicast
- View WAN Statistics for Multicast
- View IGMP Membership
- View the Multicast Route Table
- View Multicast Flow Statistics
- View Routing Statistics
-
- Prisma SD-WAN Branch HA Key Concepts
-
- Configure Branch HA with Gen-1 Platforms (2000, 3000, 7000, and 9000)
- Configure Branch HA with Gen-2 Platforms (3200, 5200, and 9200)
- Configure Branch HA with Gen-2 Embedded Switch Platforms (1200-S or 3200-L2)
- Configure Branch HA for Devices with Software Cellular Bypass (1200-S-C-5G)
- Configure Branch HA for Platforms without Bypass Pairs
- Configure Branch HA in a Hybrid Topology with Gen-1 (3000) and Gen-2 (3200) Platforms
- Configure HA Groups
- Add ION Devices to HA Groups
- Edit HA Groups and Group Membership
- Prisma SD-WAN Clarity Reports
-
-
CloudBlade Integrations
- CloudBlade Integrations
- CloudBlades Integration with Prisma Access
-
-
-
-
- clear app-engine
- clear app-map dynamic
- clear app-probe prefix
- clear connection
- clear device account-login
- clear dhcplease
- clear dhcprelay stat
- clear flow and clear flows
- clear flow-arp
- clear qos-bwc queue-snapshot
- clear routing
- clear routing multicast statistics
- clear routing ospf
- clear routing peer-ip
- clear switch mac-address-entries
- clear user-id agent statistics
-
- arping interface
- curl
- ping
- ping6
- debug bounce interface
- debug bw-test src-interface
- debug cellular stats
- debug controller reachability
- debug flow
- debug ipfix
- debug log agent eal file log
- debug logging facility
- debug logs dump
- debug logs follow
- debug logs tail
- debug performance-policy
- debug poe interface
- debug process
- debug reboot
- debug routing multicast log
- debug routing multicast pimd
- debug servicelink logging
- debug tcpproxy
- debug time sync
- dig dns
- dig6
- file export
- file remove
- file space available
- file tailf log
- file view log
- ssh6 interface
- ssh interface
- tcpdump
- tcpping
- traceroute
- traceroute6
-
- dump appdef config
- dump appdef version
- dump app-engine
- dump app-l4-prefix table
- dump app-probe config
- dump app-probe flow
- dump app-probe prefix
- dump app-probe status
- dump auth config
- dump auth status
- dump banner config
- dump bfd status
- dump bypass-pair config
- dump cellular config
- dump cellular stats
- dump cellular status
- dump cgnxinfra status
- dump cgnxinfra status live
- dump cgnxinfra status store
- dump config network
- dump config security
- dump controller cipher
- dump controller status
- dump device accessconfig
- dump device conntrack count
- dump device date
- dump device info
- dump device status
- dump dhcp-relay config
- dump dhcprelay stat
- dump dhcp-server config
- dump dhcp-server status
- dump dhcpstat
- dump dnsservice config all
- dump dpdk cpu
- dump dpdk interface
- dump dpdk port status
- dump dpdk stats
- dump flow
- dump flow count-summary
- dump interface config
- dump interface status
- dump interface status interface details
- dump interface status interface module
- dump intra cluster tunnel
- dump ipfix config collector-contexts
- dump ipfix config derived-exporters
- dump ipfix config filter-contexts
- dump ipfix config ipfix-overrides
- dump ipfix config prefix-filters
- dump ipfix config profiles
- dump ipfix config templates
- dump lldp
- dump lldp config
- dump lldp info
- dump lldp stats
- dump lldp status
- dump log-agent eal conn
- dump log-agent eal response-time
- dump log-agent eal stats
- dump log-agent config
- dump log-agent iot snmp config
- dump log-agent iot snmp device discovery stats
- dump log-agent ip mac bindings
- dump log-agent neighbor discovery stats
- dump log-agent status
- dump ml7 mctd counters
- dump ml7 mctd session
- dump ml7 mctd version
- dump nat counters
- dump nat6 counters
- dump nat summary
- dump network-policy config policy-rules
- dump network-policy config policy-sets
- dump network-policy config policy-stacks
- dump network-policy config prefix-filters
- dump overview
- dump performance-policy config policy-rules
- dump performance-policy config policy-sets
- dump performance-policy config policy-set-stacks
- dump performance-policy config threshold-profile
- dump poe system config
- dump poe system status
- dump priority-policy config policy-rules
- dump priority-policy config policy-sets
- dump priority-policy config policy-stacks
- dump priority-policy config prefix-filters
- dump probe config
- dump probe profile
- dump radius config
- dump radius statistics
- dump radius status
- dump reachability-probe config
- dump qos-bwc config
- dump reachability-probe status
- dump routing aspath-list
- dump routing cache
- dump routing communitylist
- dump routing multicast config
- dump routing multicast igmp
- dump routing multicast interface
- dump routing multicast internal vif-entries
- dump routing multicast mroute
- dump routing multicast pim
- dump routing multicast sources
- dump routing multicast statistics
- dump routing multicast status
- dump routing ospf
- dump routing peer advertised routes
- dump routing peer config
- dump routing peer neighbor
- dump routing peer received-routes
- dump routing peer routes
- dump routing peer route-via
- dump routing peer status
- dump routing peer route-json
- dump routing prefixlist
- dump routing prefix-reachability
- dump routing route
- dump routing routemap
- dump routing running-config
- dump routing summary
- dump routing static-route reachability-status
- dump routing static-route config
- dump routing vpn host tracker
- dump security-policy config policy-rules
- dump security-policy config policy-set
- dump security-policy config policy-set-stack
- dump security-policy config prefix-filters
- dump security-policy config zones
- dump sensor type
- dump sensor type summary
- dump serviceendpoints
- dump servicelink summary
- dump servicelink stats
- dump servicelink status
- dump site config
- dump snmpagent config
- dump snmpagent status
- dump software status
- dump spoke-ha config
- dump spoke-ha status
- dump standingalarms
- dump static-arp config
- dump static host config
- dump static routes
- dump support details
- dump-support
- dump switch fdb vlan-id
- dump switch port status
- dump switch vlan-db
- dump syslog config
- dump syslog-rtr stats
- dump syslog status
- dump time config
- dump time log
- dump time status
- dump troubleshoot message
- dump user-id agent config
- dump user-id agent statistics
- dump user-id agent status
- dump user-id agent summary
- dump user-id groupidx
- dump user-id group-mapping
- dump user-id ip-user-mapping
- dump user-id statistics
- dump user-id status
- dump user-id summary
- dump user-id useridx
- dump vlan member
- dump vpn count
- dump vpn ka all
- dump vpn ka summary
- dump vpn ka VpnID
- dump vpn status
- dump vpn summary
- dump vrf
- dump waninterface config
- dump waninterface summary
-
- inspect app-flow-table
- inspect app-l4-prefix lookup
- inspect app-map
- inspect certificate
- inspect certificate device
- inspect cgnxinfra role
- inspect connection
- inspect dhcplease
- inspect dhcp6lease
- inspect dpdk ip-rules
- inspect dpdk vrf
- inspect fib
- inspect fib-leak
- inspect flow-arp
- inspect flow brief
- inspect flow-detail
- inspect flow internal
- inspect interface stats
- inspect ipfix exporter-stats
- inspect ipfix collector-stats
- inspect ipfix app-table
- inspect ipfix wan-path-info
- inspect ipfix interface-info
- inspect ip-rules
- inspect ipv6-rules
- inspect lqm stats
- inspect memory summary
- inspect network-policy conflicts
- inspect network-policy dropped
- inspect network-policy hits policy-rules
- inspect network-policy lookup
- inspect performance-policy fec status
- inspect policy-manager status
- inspect policy-mix lookup-flow
- inspect priority-policy conflicts
- inspect priority-policy dropped
- inspect priority-policy hits default-rule-dscp
- inspect priority-policy hits policy-rules
- inspect priority-policy lookup
- inspect performance-policy incidents
- inspect performance-policy lookup
- inspect performance-policy hits analytics
- inspect process status
- inspect qos-bwc debug-state
- inspect qos-bwc queue-history
- inspect qos-bwc queue-snapshot
- inspect routing multicast fc site-iface
- inspect routing multicast interface
- inspect routing multicast mroute
- inspect security-policy lookup
- inspect security-policy size
- inspect switch mac-address-table
- inspect system arp
- inspect system ipv6-neighbor
- inspect system vrf
- inspect vrf
- inspect wanpaths
-
-
5.6
- 5.6
- 6.1
- 6.2
- 6.3
- 6.4
- 6.5
- New Features Guide
- On-Premises Controller
- Prisma SD-WAN CloudBlades
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed
-
- Features Introduced in Prisma SD-WAN ION Release 5.6
- Changes to Default Behavior in Prisma SD-WAN ION Release 5.6
- Upgrade ION 9000 Firmware for Device Version 5.6.x
- CLI Commands in Prisma SD-WAN ION Release 5.6
- Addressed Issues in Prisma SD-WAN ION Release 5.6
- Known Issues in Prisma SD-WAN ION Release 5.6
Flow Detail
Lets learn more about the flow details table in the Prisma
SD-WAN activity tab.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
The Flow Detail provides information on the following
attributes of the flow:
Field | Description |
---|---|
Flow Decision Bitmap | Lists the decisions taken for the flow as it was processed. |
Source IP (Port) | Source IP and port of the flow origin (depending on the direction of the flow). |
Destination IP (Port) | Destination IP and port of the destined address of the flow (depending on the direction of the flow). |
Application Name | Name of the application for a particular flow or transaction. |
Application Category | Application category for the flow. |
Alt Application | Alternate application is usually the parent application. |
Security Policy Rule | Security policy rule(s) that are applied for the flow. |
Source Zone | Source zone (Zone Based Firewall) for the flow. |
Destination Zone | Destination zone for the flow. |
Action | Action taken to allow or deny the policy rule applied for the flow. |
Path Policy Set | Path policy set used for the flow. |
Path Policy Rule | Path policy rule used for the flow. |
Path Network Context | Path policy context used for the flow. |
Path Source Prefix | Path source prefix used for the flow. |
Path Destination Prefix | Path destination prefix used for the flow. |
Path With Lowest Probe DNS Transaction Time Selected | Lists the path with lowest probe DNS transaction time selected. |
Path With Lowest Probe HTTP Transaction Time Selected | Lists the path with lowest probe HTTP transaction time selected. |
Path With Lowest Probe DNS Transaction Failure Rate Selected | Lists the path with lowest probe DNS transaction failure rate selected. |
Path With Lowest Probe Init Failure Rate Selected | Lists the path with lowest probe Init failure rate selected. |
Path With Lowest Probe Packet Loss Selected | Lists the path with lowest probe packet loss selected. |
Path With Lowest Probe Jitter Selected | Lists the path with lowest probe jitter selected. |
Path With Lowest Probe Latency Selected | Lists the path with lowest probe latency selected. |
Path With Lowest LQM Packet Loss Selected | Lists the path with lowest LQM packet loss selected. |
Path With Lowest LQM Jitter Selected | Lists the path with lowest LQM jitter selected. |
Path With Lowest LQM Latency Selected | Lists the path with lowest LQM latency selected. |
QoS Policy Set | QoS policy set used for the flow. |
QoS Policy Rule | QoS policy rule used for the flow. |
QoS Network Context | QoS network context used for the flow. |
QoS Source Prefix | QoS source prefix used for the flow. |
QoS Destination Prefix | QoS destination prefix used for the flow. |
Protocol | Protocol detected for that particular flow. |
Chosen WAN Path | WAN path chosen for that particular flow. |
Endpoint | Endpoint for the flow. |
Traffic Type | Traffic type such as transactional, bulk, rt-audio or rt-video. |
Priority Class | Priority Class as defined by the Priority Policy. |
Flow Direction | Flow direction at the start of transaction. |
Start Time | Time when the first packet in this flow was detected. |
Last Activity | Time of the flow when the last packet was detected. |
New Flow | First record for this flow that was detected in the current time window. |
Packets | Number of packets exchanged between client and server. |
Bytes | Number of bytes exchanged between client and server. |
DSCP Fields Seen (LAN > WAN) | DSCP markings seen between LAN-to-WAN that is used to change the priority of the packets as they traverse the network. |
DSCP Fields Seen (WAN > LAN) | DSCP markings seen between WAN-to-LAN that is used to change the priority of the packets as they traverse the network. |
OOO Packets | Out of order packets from the client to a server and the server to a client. |
SACK Packets | Selective acknowledgment of the packets. |
Retransmit Packets | Number of TCP retransmit packets. |
Packet Duplication Applied Per Performance Policy | Displays the number of duplication packets applied Per Performance Policy. |
Retransmit Bytes | Number of TCP retransmit bytes. |
RST | Number of TCP reset packets sent. |
SYN | Number of TCP SYN packets sent. |
FIN | Number of TCP FIN packets sent. |
VLAN | Displays the VLAN used for the flow. |
average_rtt | Average round trip time calculated. |
average_srt | Average server response time. |
average_pg | Average inter-packet gap (a measure of network congestion and packet loss) calculated. |
init_success | Indicates if the TCP session initiation was successful. |
max_rtt | Maximum round trip time detected. |
max_srt | Maximum server response time at the application level. |
max_pg | Maximum inter-packet gap (a measure of network congestion and packet loss) detected. |
min_rtt | Minimum round trip time detected. |
min_srt | Minimum server response time at the application level. |
min_pg | Minimum inter-packet gap (a measure of network congestion and packet loss) detected. |
success_transactions | Number of successful transactions. |
Probe filter removed one or more filter paths | Lists the probe filter removed one or more filter paths. |
FEC Applied Per Performance Policy | Lists the FEC applied per Performance Policy for that flow. |
Flow blocked after reclassification due to User/Group learning | Lists the flow blocked after reclassification due to User/Group learning. |
Chose an L3 Failure Backup Transit path | Displays the chosen L3 Failure backup transit path for the flow. |
Chose an L3 Failure Active Transit path | Displays the chosen L3 Failure active Transit path for the flow. |
Found an L3 Failure Active Transit path | Displays the found L3 Failure active Transit path for the flow. |
Found an L3 Failure Backup Transit path | Displays the found L3 Failure backup Transit path for the flow. |
L3 failure path in the network policy used | Displays the L3 failure path in the network policy used by the Flow. |
Use on L3 failure paths found, but have L3 failures themselves or are not configured | Displays the flow used on L3 failure paths found, but have L3 failures themselves or are not configured. |
Configured use on L3 failure paths found and considered | Displays the configuration used on L3 failure paths found and considered for that flow. |
All Active and Backup paths with a route for destination prefix are down or have L3 failures | Displays all Active and Backup paths with a route for destination prefix are down or have L3 failures of the flow. |
Flow blocked due to TCP state violation | Displays the flow blocked due to TCP state violation. |
Flow blocked after Application re-classification | Displays the Flow blocked after Application re-classification. |
Policy allowed Standard VPN on private interface | Displays the policy allowed for Standard VPN on private interface for the flow. |
Policy allowed Standard VPN on public interface | Displays the policy allowed for Standard VPN on public interface for the flow. |
Reachable over Standard VPN, disallow direct internet | Displays the flows which are reachable over Standard VPN and disallow direct internet. |
Standard VPN allowed on private interface | Displays the flow on Standard VPN allowed on private interface. |
Standard VPN allowed on public interface | Displays the flow on Standard VPN allowed on public interface. |
Default Standard VPNs found | Displays the default Standard VPNs found for the flow. |
WAN to LAN flow VPN path to site preserved | Displays the WAN to LAN flow VPN path to site preserved for the flow. |
WAN to LAN flow MPLS path type preserved | Displays the WAN to LAN flow MPLS path type preserved for the flow. |
Path Policy Backup Path, Backup Service / DG Group Paths Selected | Displays the Path Policy Backup Path, Backup Service / DG Group paths selected for the flow. |
Path Policy Backup Path, Active Service / DG Group Paths Selected | Displays the Path Policy Backup Path, Active Service / DG Group paths selected for the flow. |
Path Policy Active Path, Backup Service / DG Group Paths Selected | Displays the Path Policy Active Path, Backup Service / DG Group paths selected for the flow. |
Path Policy Active Path, Active Service / DG Group Paths Selected | Displays the Path Policy Active Path, Active Service / DG Group paths selected for the flow. |
Path Policy Backup Path, Backup Service / DG Group Paths Found | Displays the Path Policy Backup Path, Backup Service / DG Group paths found for the flow. |
Path Policy Backup Path, Active Service / DG Group Paths Found | Displays the Path Policy Backup Path, Active Service / DG Group paths found for the flow. |
Path Policy Active Path, Backup Service / DG Group Paths Found | Displays the Path Policy Active Path, Backup Service / DG Group paths found for the flow. |
Path Policy Active Path, Active Service / DG Group Paths Found | Displays the Path Policy Active Path, Active Service / DG Group paths found for the flow. |
Reachable over VPN, disallow direct internet | Displays the flows which are reachable over VPN and disallow direct internet. |
Enterprise prefix Public Direct disallowed | Displays the Enterprise prefix Public Direct disallowed for the flow. |
Non-Enterprise prefix PWAN disallowed by config | Displays the Non-Enterprise prefix PWAN disallowed by config for the flow. |
Non-Enterprise prefix VPN disallowed by config | Displays the Non-Enterprise prefix VPN disallowed by config for the flow. |
App Perf Bad Path Chosen | Displays the App perf bad path chosen for the flow. |
App SLA Compliant Path Selected | Displays the App SLA Compliant (good/ok)Path Selected |
Private VPN Path | Displays the Private VPN Path for the flow. |
Allowed private VPN | Displays the Allowed private VPN for the flow. |
Policy allowed private VPN | Displays the policy allowed private VPN for the flow. |
Path(s) filtered due to L3 Reachability Down | Displays the Path(s) filtered due to L3 Reachability Down for the flow. |
Direct private WAN used since both active and backup paths were unusable | Displays the Direct private WAN used since both active and backup paths were unusable for the flow. |
Backup path in the network policy selected | Displays the Backup path in the network policy selected for the flow. |
Active path in the path policy selected | Displays the Active path in the path policy selected for the flow. |
App Reachability Detection Removed One Or More Paths | Displays the App Reachability detection removed one Or more paths for the flow. |
One Or More Paths Violated A Performance Policy LQM Rule | Displays the one or more Paths violated a performance policy LQM rule for the flow. |
Detected asymmetry has been automatically corrected | Displays the detected asymmetry has been automatically corrected for the flow. |
New Flow Detected | Displays the new flow detected. |
Select WAN path down | Displays the select WAN path down for the flow. |
Select WAN path up | Displays the select WAN path up for the flow. |
App_id, dest IP and dest port | Displays the App_id, destination IP and destination port for the flow. |
App_id, src IP and src port | Displays the App_id, source IP and source port for the flow. |
App_id and dest port | Displays the App_id and destination port for the flow. |
App_id and src port | Displays the App_id and source port for the flow. |
App_id and dest IP | Displays the App_id and destination IP for the flow. |
App_id and src IP | Displays the App_id and source IP for the flow. |
Path Policy Permits Public VPN Path | Displays the Path Policy Permits Public VPN Path for the flow. |
Path Policy Permits Private Direct Path | Displays the Path Policy Permits Private Direct Path for the flow. |
Path Policy Permits Public Direct Path | Displays the Path Policy Permits Public Direct Path for the flow. |
Policy name constraint specified | Displays the Policy name constraint specified for the flow. |
Name constraint specified | Displays the name constraint specified for the flow. |
HUB VPNs found | Displays the data center (hub) VPNs found for the flow. |
Policy allows asymmetry | Displays the allowed policy asymmetry for the flow. |
Private direct safe use | Displays the Private direct safe use for the flow. |
Strict Path Affinity Configured in App Definition | Displays the strict Path Affinity configured in App definition for the flow. |
Strict Path Affinity Followed | Displays the strict Path Affinity followed for the flow. |
SLA criteria specified | Displays the SLA criteria specified for the flow. |
BW One wan path | Displays the bandwidth one WAN path for the flow. |
BW secondary flow | Displays the bandwidth secondary flow for the flow. |
Preferred path specified | Displays the preferred path specified for the flow. |
BW preferred path | Displays the bandwidth preferred path for the flow. |
BW bulk preferred path | Displays the bandwidth bulk preferred path for the flow. |
Preferred path followed | Displays the preferred path followed for the flow. |
31 : "Public direct path" | Displays the public direct path for the flow. |
Public VPN path | Displays the public VPN path for the flow. |
Private direct path | Displays the private direct path for the flow. |