Comprehensive user manual for NetFlow Auditor Standard and Enterprise Editions.

Location: Business Group: 3. Cost Center

The "Cost Center" screen allows maintenance operations on added Cost Centers:

Command Buttons

  • Search
  • Add
  • Modify
  • Delete
  • Anomaly Detection

The bold menu button reflects the current command status.



  • Search - The "Search" button will expand the Search panel.

    ID, Name, Date, IPv4 Allocated, IPv6 Allocated, AS Correlation can all be searched by choosing an operator and entering a value.

    Pressing the "Confirm" button will list the matched Cost Centers.


  • Add - The "Add" button will expand the panel to allow data entry. Enter in an Cost Center name.

    Pressing the "Confirm" button will add the entered Cost Center.


    The Cost Center ID is automatically generated.
  • Modify - Highlight an Cost Center using your mouse and then clicking the "Modify" button allows the selected Cost Center Name to be edited.

    Pressing the "Confirm" button will update the selected Cost Center.


    Only the Cost Center name can be changed.
  • Delete - Highlight an Cost Center using your mouse and then clicking the "Delete" button allows the selected Cost Center Name to be Deleted.

    Pressing the "Confirm" button will Delete the selected Cost Center.


    Cost Centers that have an Cost Center id less than 10, are not allowed to removed.

    A Deleted Cost Center will appear as an Cost Center id in a query or report if tagged traffic data already exists for the deleted Cost Center.
  • Anomaly Detection - Highlight an Cost Center using your mouse and then clicking the "Anomaly Detection" button allows the selected Cost Center Name to begin generating a Baseline Alert for the highlighted Cost Center.

    Pressing the "Confirm" button will Enter the Forensics Template / Report / Alert Screen from where a simple "SaveNew" is all thats needed for NetFlow Auditor to begin learning and alerting Intelligent Baselines. See Forensics: 7. Creating Anomaly Detection Baseline Alerts and Forensics: 6. NBAD - Anomaly Detection Baseline Alerting.




    Too many baseline alerts could theoretically eventually impact netflow data collection or the systems ability to respond. If impact of collection does occur then NetFlow Auditor can be run in a Clustered Collection architecture

Drill Down

Clicking on the "IPv4 Allocated", "IPv6 Allocated" or "AS Correlation" values allows drill down to the respective "IPv4 Allocation", "IPv6 Allocation" or "Autonomous System" screens with the corresponding Cost Center as the criteria.



Clicking on the icons in the right columns allows drill down to an Interface Route view of the forensics screen with the corresponding Cost Center as EITHER the Source Cost Center or the Destination Cost Center as the Criteria.




cron