Home
CMC
User Guide
Information and resources about the main features of the Central Management Console (CMC), and the tasks that you can do from the user interface (UI).
Queries
Queries
You can use the Nozomi Networks Query Language (N2QL) syntax to create complex data processes to obtain, filter, and analyze lists of information from the Nozomi Networks software.
Examples
Bucket and history
An example of a query to calculate the distribution of link events towards an internet protocol (IP) address.

CMC
- Introduction
  An overview of the Central Management Console (CMC).
- Installation Guide
  Information and resources on how to install the Central Management Console (CMC), and the different options and settings available.
- Administrator Guide
  Information and resources about the Administration section of the Central Management Console (CMC), and the tasks that you can do in this part of the software.
- User Guide
  Information and resources about the main features of the Central Management Console (CMC), and the tasks that you can do from the user interface (UI).
  - Sensors
  - Alerts
  - Assets
  - Queries
    - Queries
      You can use the Nozomi Networks Query Language (N2QL) syntax to create complex data processes to obtain, filter, and analyze lists of information from the Nozomi Networks software.
      - Data sources
      - Basic operators
      - Commands
      - Functions
      - Examples
        Pie chart
        An example on how to create a pie chart to understand the media access control (MAC) vendor distribution in a network.
        Column chart
        An example on how to create a column chart with the top nodes by traffic.
        Where with multiple conditions in OR
        An example of a query to get all the nodes with a specific role, in particular all the nodes which are web or domain name server (DNS) servers.
        Bucket and history
        An example of a query to calculate the distribution of link events towards an internet protocol (IP) address.
        Join
        An example query to join two data sources to obtain a new data source with more information. In particular, how to list the links with the labels for the source and destination nodes.
        Compute the availability history
        An example query to compute the availability history for a link.
        Complex field types
  - Smart Polling
  - Arc
  - Reports
  - Assertions
  - Vulnerabilities
  - Administration
  - Personal settings
  - Troubleshooting
- Maintenance Guide
  Information about the maintenance tasks of Central Management Console (CMC), to help you administer and maintain the solution in a production environment.
- Print format documentation
  A list of all the print-format documentation that is available for the Central Management Console (CMC).

Bucket and history

An example of a query to calculate the distribution of link events towards an internet protocol (IP) address.

You can filter all the link_events with id_dst equal to 192.168.1.11 After this you can sort by time, this is a very important step because bucket and history depend on how the data are sorted.

Then you can use bucket to group the data by time. The final step is to use the history command to draw a chart, we pass count as a value for the Y axis and time for the X axis.

The history command is particularly suited for displaying a big amount of data, in the image below we can see that there are many hours of data to analyze.

link_events | where id_dst == 192.168.1.11 | sort time asc | bucket time 36000 | history count time