get-traffic-flows-summary
Extract summarized traffic flow data from Illumio PCE, including source, destination, port, protocol, and connection details, for analysis and policy review.
Instructions
Get traffic flows from the PCE in a summarized text format, this is a text format that is not a dataframe, it also is not json, the form is: 'From <source> to <destination> on <port> <proto>: <number of connections>'
Input Schema
Name | Required | Description | Default |
---|---|---|---|
end_date | Yes | Ending datetime (YYYY-MM-DD or timestamp) | |
exclude_destinations | No | Destinations to exclude (label/IP list/workload HREFs, FQDNs, IPs). Best case these are hrefs like /orgs/1/labels/57 or similar. Other way is app=env as an example (label key and value) | |
exclude_services | No | ||
exclude_sources | No | Sources to exclude (label/IP list/workload HREFs, FQDNs, IPs). Best case these are hrefs like /orgs/1/labels/57 or similar. Other way is app=env as an example (label key and value) | |
exclude_workloads_from_ip_list_query | No | ||
include_destinations | No | Destinations to include (label/IP list/workload HREFs, FQDNs, IPs). Best case these are hrefs like /orgs/1/labels/57 or similar. Other way is app=env as an example (label key and value) | |
include_services | No | ||
include_sources | No | Sources to include (label/IP list/workload HREFs, FQDNs, IPs). Best case these are hrefs like /orgs/1/labels/57 or similar. Other way is app=env as an example (label key and value) | |
max_results | No | ||
policy_decisions | No | ||
query_name | No | ||
start_date | Yes | Starting datetime (YYYY-MM-DD or timestamp) |