# Views Cloud Insights offers a detailed view of how your cloud-native resources are connected together logically, your historical inventory, and a comprehensive end-to-end traffic flow. Events occurring within your cloud infrastructure, such as configuration changes and operational scaling events, are represented in Cloud Insights Inventory and Views screens within tables and timelines. These visualizations are available in the **Cloud Insights** section of the ThousandEyes platform and as the **Cloud** layer in **Network & App Synthetics > Views**. {% hint style="info" %} Some screens within Cloud Insights combine the data of multiple cloud providers, allowing you to filter by cloud provider, while others separate the cloud provider data into tabs. **Cloud Insights > Views**, for example, is combined while **Cloud Insights > Inventory** is tabbed. Of the **Settings** screens, **FPS Monitoring** and **Integration Logs** are combined while **Tags Management** and **Integration Policies** are tabbed. Where customers have set up Cloud Insights for both AWS and Azure, ThousandEyes distinguishes between the cloud environments as different tabs in the screens that are tabbed. Where customers have set up Cloud Insights for only one cloud environment, ThousandEyes does not separate these screens into tabs. Likewise, customers with only one type of AWS flow log (either VPC or Transit Gateway), will not see the other flow log tab. {% endhint %} ## Inventory Screen Navigate to **Cloud Insights > Inventory** to view the cloud resources discovered through the inventory integration with your cloud provider. The inventory screen displays the last 30 days of ingested data and it is refreshed every 5 minutes. ### Inventory Dashboard With the Cloud Insights inventory screen, you can see all your cloud networking, content delivery, and compute resources grouped by resource type, including for example load balancer, network gateway, and internet gateway, across all your cloud accounts and subscriptions, in one dashboard. You can see all your resources in the context of their respective public or private subnets, availability zones (AZ), virtual cloud instances (VPC, Transit Gateway, or VNet), regions, and accounts or subscriptions. ![Cloud Insights inventory screen](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-428256e795df7425ea7ad2a101cbc5645ea31720%2Fcloud-insights-inventory-view.png?alt=media) Click on a region or subnet to see its details. Filtering resources by type and by tags is also supported. ### Inventory Table The table at the bottom of the dashboard displays information about your resources, and updates to display filters, groupings, and column headers. Note that not all column headers are visible by default. #### Customizing Table Columns You can add columns (such as **Vendor Name**, **Agent Name**, and **Product Name**), deselect columns, and rearrange column order using the cog icon (⚙️) top right of the table. See [How to Configure Table Columns](https://docs.thousandeyes.com/product-documentation/cloud-insights/views#how-to-configure-table-columns) for more information. Additional columns appear only in **Cloud Insights > Inventory**; the **Cloud Insights > Views** screen offers different addable columns. **Note**: Not all resources are populated with **Vendor Name**, **Agent Name**, or **Product Name**: * **Agent Name** shows the ThousandEyes agent name only if one is running on the instance/virtual-machine. * **Vendor Name** and **Product Name** are shown only for instances installed from the AWS or Azure Marketplaces. Once you add columns, you can then search on any data within those columns; search works the same way as on the [**Cloud Insights > Views**](https://docs.thousandeyes.com/product-documentation/cloud-insights/views#table-search) screen. ### Viewing Resource States The **State** column shows the state of the network resource (for example, running, in use, deployed, undeployed, deleted) as applicable to the resource type. The state values are defined by the cloud provider; Cloud Insights displays the state reported by the provider and does not define or interpret the values. Different resource types use different state labels (for example, "running" for instances, "in use" for interfaces). For the list of possible states for a given resource type, refer to your cloud provider's documentation. The following resource types - per cloud provider - display a state in the **State** column: | **AWS** | **Azure** | | ---------------------------------- | ------------------------------------- | | Direct Connect Virtual Interface | Express Route Circuit Peering | | Global Accelerator | Express Route Connection | | Global Network | Express Route Cross Connections | | Instance | Express Route Gateway | | Interface | Firewall Application Rule | | Internet Gateway | Firewall Nat Rule | | Managed Prefix List | Firewall Network Rule | | Nat Gateway | Firewall Policy Rule Collection Group | | RDS Cluster | Front Door | | Route Table | Front Door Frontend Endpoint | | Route53 Resolver | Front Door Rules Engine | | Transit Gateway | Origin | | Transit Gateway Attachment | Private Endpoint | | Transit Gateway Peering Attachment | Resource Group | | Transit Gateway Route Table | Traffic Manager Profile | | Transit Gateway VPC Attachment | Virtual Hub | | VPC Peering Connection | Virtual Machine | | VPN Connection | VNet Gateway | | VPN Gateway | VNet Gateway Connection | | | VNet Peering | ### Test Coverage Analysis Test coverage in Cloud Insights provides visibility into how your synthetic tests intersect with cloud resources, helping you identify assurance gaps and strengthen your overall digital resilience. This feature enables you to quickly assess which resources are being monitored by which tests and which resources may require additional coverage. ![Cloud Insights test coverage filter and column](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-49033dad626b1d900279c5e2162f69c915034399%2Fcloud-insights-views-test-coverage.png?alt=media) #### Key Features and Benefits * **Visual Coverage Indicators**: View the number and name of tests associated with each cloud resource directly in the inventory table. * **Gap Remediation**: Easily identify untested resources that may represent blind spots in your monitoring strategy, and go directly to the test creation page from any unmonitored resource. * **Seamless Navigation**: Navigate directly from Cloud Insights to Network & App Synthetics to view detailed test results. * **Filtering Capabilities**: Sort and filter resources based on test coverage to prioritize remediation efforts. * **Multi-Cloud Support**: Available for all supported cloud environments. #### Test Coverage Column 1. Navigate to **Cloud Insights > Inventory**. * The **Test Coverage** column in the bottom table displays the number of tests associated with each resource. 2. Click the column header to sort resources by coverage (ascending or descending) 3. Hover over a test number to view a tooltip showing up to 5 associated tests. * Click the tooltip to keep it visible. * Tests are sorted alphabetically by name. * Click any one test, or click **View all tests** to view the test details for the associated test(s) in a new browser tab. See [Accessing Test Details](https://docs.thousandeyes.com/product-documentation/cloud-insights/views#accessing-test-details) for more information. 4. If no tests are associated with the resource, optionally select **Create test** from the **Action** column to create a new test that monitors the resource. Test creation opens in a new browser tab. See [Tests](https://docs.thousandeyes.com/product-documentation/tests) for an overview of how to create tests. ![Create tests link from Cloud Insights inventory screen](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-0625a36be9982709a259392e4f5a68418b788fd6%2Fcloud-insights-views-create-tests.png?alt=media) #### Test Coverage Filter Use the **Test Coverage** global filter to refine your view: 1. In the global filters along the top, locate **Test Coverage**. 2. Select one or multiple options from: * No Coverage. * Tests by test type. 3. When a test is selected, only resources intersecting with that test path are displayed in the table. 4. Use the No Coverage filter to quickly identify all resources currently unmonitored by any test. #### Accessing Test Details From the inventory table, you can navigate directly to test configurations: **From the tooltip:** 1. Hover over a resource with test coverage. 2. Click on any test name link or **View All Tests** to open the associated test(s) in Network & App Synthetics in a new browser tab. **From the Actions menu:** 1. On any resource row in the table, click the **Actions** menu (...). 2. Select **View All Tests** to see the complete list of associated tests in a new browser tab. **In Network & App Synthetics:** * When you click any associated test link, the new browser tab takes you directly to **Network & App Synthetics > Views**. * If you selected a test name link, only that test is visible in the tab. * If you selected **View All Tests**, the view defaults to the first listed test associated with the resource. Click the **Test** dropdown menu to see the full list of tests associated with the resource. * **Note**: a temporary tag is created when you view all tests, found under **Built-in tags** and named “Tests covering ``”. You cannot save this tag. ![Temporary test label](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-2e10d391eee04103a45d05d6e1a9dbf9db7e9c11%2Fcloudinsights-cea-test-label.png?alt=media) * Once you have selected a test, the default view is the **Cloud Configuration** layer and its **Topology** tab, where you can see how the test intersects with your cloud resources. If you do not see your resource in the default topology view (such as listeners under a Global Accelerator), click **Expand All** at the right to view the full topology. See [Network & App Synthetics Cloud Layer](#network-and-app-synthetics-cloud-layer) for more information about how to navigate test results views. #### Understanding Test Coverage Data * **Coverage Scope**: Test coverage shows all resources that intersect with a test path, not just the test target. * **Real-Time Updates**: Coverage data refreshes as tests are created, modified, or deleted in Network & App Synthetics. ### Saving Inventory Dashboard Settings When you choose which columns to display, set filters, or change grouping, the URL is updated with that information. You can copy the URL and share it (for example, by bookmarking it or saving it in your browser favorites) so that you or others can return to the same view later. **What is saved in the URL**: * Column selection. * Global (top) filters. * Resource Type (middle) filters. * Grouping (**Group-By**). * Timestamp. * When you open the link later, you can move the time slider to update the time data (for example, to the current time); the chart and time-based data update, while your filters, columns, and grouping stay the same. You can adjust the time range and table settings independently after loading the page. * Alternatively, remove the timestamp part of the URL before saving to always open it to the current time. ### Viewing Inventory Events The Inventory dashboard defaults to showing resource metrics. You can also choose to view **Events** from the **Metrics** selector at the top left of the page. To view **Events**, use the chart to select a time slice showing event activity; all events at that specific time load within the table beneath. Events in the inventory view show the same information as in **Cloud Insights > Views**: see [Events Tab](#events-tab). For information about the **Data Window** selections, see [Time Span Selector](https://docs.thousandeyes.com/product-documentation/cloud-insights/views#time-span-selector). ## Views Screen for Flow Logs Analysis ![Cloud Insights timeline view and filter options](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-47157eed039f344963ad9de7c9b9ee1ddf493aa5%2Fcloudinsights-views-filter-abovetimeline.png?alt=media) ### Viewing Your Log Data For both AWS and Azure environments, navigate to **Cloud Insights > Views** to see your flow logs activity. For AWS, you can view both VPC flow logs and Transit Gateway flow logs data, separated into tabs at the top of the screen (**Flow Logs** displays both AWS VPC and Azure VNet flow log data; **Transit Gateway Flow Logs** displays exclusively AWS Transit Gateway flow log data). Key differences between the two log types are: * VPC flow logs capture traffic at the individual VPC subnet or network interface level, focusing on traffic observed within the VPC. * Transit Gateway flow logs provide a broader view by capturing traffic traversing the transit gateway itself, which aggregates traffic across multiple VPCs and connections, enabling visibility into inter-VPC and hybrid network traffic flows. See [Flow Log Types](https://docs.thousandeyes.com/product-documentation/cloud-insights/flow-log-types) for more information about the difference between VPC and Transit Gateway flow logs and their use cases. * For more information about Amazon Virtual Private Cloud (VPC), see [What is Amazon VPC?](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html). * For more information about Amazon Transit Gateways, see [What is AWS Transit Gateway?](https://docs.aws.amazon.com/vpc/latest/tgw/what-is-transit-gateway.html). * For more information about Microsoft Azure Virtual Network (VNET), see [What is Azure Virtual Network](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview)? The default timeline shows you total throughput over the last 24 hours, including - for VPC and VNet logs - all internal cloud traffic (the gray overlay), which you can toggle on and off. You can also access more granular “stacked views” by resource depending on the metric you choose (see [Stacked View](#stacked-view)), and compare up to three metrics at the same time for improved root cause analysis (see [Viewing Multiple Metrics Charts](#viewing-multiple-metrics-charts)). In addition to the timeline, Cloud Insights provides a traffic table in the area below the timeline. [Filtering and grouping](#filtering-and-grouping) are also available. ![Cloud Insights flow logs data table](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-e4a822f4c20b71f7628e4906eeab033b2f3cf579%2Fcloud-insights-views-traffic-table.png?alt=media) ### Log Metrics Cloud Insights offers you two types of timeline view to enhance your flow logs traffic analysis. For an overview of all flow logs traffic, select any metric under **Total View**. For a segmented view of traffic from particular resources, select any metric under **Stacked View**. You can also select up to three metrics from either view using the checkboxes; this places the three chosen metrics’ timelines on top of each other for ease of comparison. See [Viewing Multiple Metrics Charts](#viewing-multiple-metrics-charts) for more information. ![Total View and Stacked View metrics, and their checkboxes for multi-metric view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-43266568cd85a58db171714b476abdcc9c270c3d%2Fcloud-insights-views-total-v-stacked.png?alt=media) The following log metrics are available under **Cloud Insights > Views**: | Metric | View | Log Type | Description | | ------------------------------- | ------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Total Throughput | Total | VPC/VNet, Transit Gateway | Sum of virtual network accepted actions for traffic going to or coming from outside your cloud environment. Limited to traffic going through the test ingress point at the cloud edge. | | Rejected Throughput | Total | VPC/VNet | Sum of rejected total throughput. | | Throughput Inbound | Stacked | VPC/VNet, Transit Gateway | Total traffic from the remote endpoint to the local endpoint of the connection. | | Throughput Outbound | Stacked | VPC/VNet, Transit Gateway | Total traffic from the local endpoint to the remote endpoint of the connection. | | Rejected Throughput Inbound | Stacked | VPC/VNet | Total rejected throughput from the remote endpoint to the local endpoint of the connection. | | Rejected Throughput Outbound | Stacked | VPC/VNet | Total rejected throughput from the local endpoint to the remote endpoint of the connection. | | Connections per second | Stacked | VPC/VNet, Transit Gateway | Sum of new TCP (Transmission Control Protocol) connections. | | Rejected connections per second | Stacked | VPC/VNet | Connections that were dropped due to policy enforcement. | | Dropped Packets | Stacked | Transit Gateway | Total number of dropped packets. AWS Transit Gateway packet drops can occur due to blackhole routes (routes configured to intentionally discard traffic), no matching route in the route table, packets exceeding the Maximum Transmission Unit (MTU), or Time-To-Live (TTL) expiration. These types of drops can occur on both the inbound and outbound paths through the Transit Gateway. | | Flows per second | Stacked | VPC/VNet, Transit Gateway | The rate at which network flows (sequences of packets with the same 5-tuple: source IP, destination IP, source port, destination port, protocol) are observed in the cloud environment, measured in flow logs per second. | | Skipped Data (for AWS only) | Stacked | VPC, Transit Gateway | Flows that were dropped by AWS due to performance issues, unlike “rejected” that were dropped due to policy enforcement. | **Note:** Throughput in **Cloud Insights > Views** refers to the average rate of data transferred between two endpoints or groups of endpoints (such as between two VPCs). In the [Cloud layer](#network-and-app-synthetics-cloud-layer) of **Network & App Synthetics > Views**, when shown alongside synthetic tests, this metric reflects all traffic passing through the tested endpoint, not just that generated by test agents. In both cases, throughput is always displayed as the number of bits transferred, averaged over 5-minute (300-second) intervals. For Outside Cloud Throughput and other outside cloud metrics, see [Network & App Synthetics Cloud Layer](#network-and-app-synthetics-cloud-layer). ### Stacked View ![Stacked view timeline](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-ff7a138991dfa8c2881705bb6106d77327c29bea%2Fcloud-insights-views-stacked-timeline.png?alt=media) The stacked view enables you to gain granular insights into cloud traffic patterns to better optimize performance and troubleshoot issues. Use cases include: 1. **Identifying resource-specific traffic bottlenecks**: Pinpoint which cloud resource types (e.g., instances, load balancers) contribute disproportionately to total throughput, indicating potential bottlenecks or overutilized resources. 2. **Optimizing cloud resource utilization and costs**: Analyze traffic distribution across resources to identify underutilized or overutilized resources, reducing cloud costs and improving efficiency. 3. **Detecting anomalous traffic patterns**: Identify unexpected throughput spikes or drops for specific resources, indicating potential security issues (e.g., DDoS attacks) or misconfigurations. 4. **Capacity planning for multi-cloud environments**: Forecast resource needs across your cloud environment by analyzing historical throughput trends per resource. Grouping by resource type (e.g., all Transit Gateways) or filtering by region (e.g., us-east-1) supports multi-cloud strategies. When you select a metric under **Stacked View**, the top five items in the chosen grouping by throughput are displayed on the chart, plus the total throughput. You can add or remove up to ten grouping items using the checkboxes in the table below the timeline. If you deselect an item from the comparison legend below the timeline, that item’s data is removed from the chart. Hover over a time slice (hairline) for information about the segmented traffic at that point in time. ![Segmented traffic data on hover](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-2e2f72069b18c0474c96dd1064214d1786d8fcfa%2Fcloud-insights-views-segmented-traffic.png?alt=media) You can further refine your view and table data by using [filtering and grouping](#filtering-and-grouping). ### Viewing Multiple Metrics Charts You can select up to three metrics to view at the same time for enhanced analysis. Open the **Metrics** dropdown and select any three metrics. Charts appear in the order that you select them. Note that when you select three, all other metrics options are greyed out. You must deselect a metric to select a different one. ![Three charts in one view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-df6b44d37515e474248ae333683c2a50370369da%2Fcloud-insights-views-multi-charts.png?alt=media) The three charts respond identically to timeline adjustments, so they are always in line with each other. If you hover over a point in any chart, it shows you the given metrics for each chart visible for that time instance. For example, in the image above, whether you hover on the total throughput time series or the throughput outbound time series, the hover box shows you the metrics for all three charts. Note that the stacked charts present as columns in the hover box. #### Changing the Primary Chart The data table beneath the time series charts corresponds to the “primary” metric. To update the table to show data from a different chart, click the radio button next to the chart name you want to nominate as primary. The “Primary” label switches to this new chart and the table updates to show its data. The swimlane that shows operational and configuration events also moves to sit directly below the primary chart. If viewing stacked charts, the **Flows for Comparison** legend always sits at the bottom of all of the charts, and also updates when you change primary charts. ### Filtering and Grouping Filters and groups enable flexible and contextual views of performance. Use filtering at the top of the timeline to narrow down the data displayed on both the timeline and table. Underneath, use grouping to view different aspects of the data displayed in the table only. Note that changes to filtering affects the timeline and table data; changes to grouping only affects the table data. The filter and grouping options are different depending on which type of flow log you’re viewing, as described in the tables below. Options are available for local and remote resource types. Local resource types are where the logs are captured. Remote resource types are where the logs are destined. #### Filters for VPC/VNet Flow Logs | Local | Remote | | -------------------- | ----------------- | | Account/Subscription | Account | | Availability Zone | AS | | Interface | Availability Zone | | IP | Interface | | Protocol | IP | | Region | Location | | Resource | Region | | Resource Group | Resource | | Role | Resource Group | | Service | Role | | Service Provider | Service | | Subnet | Service Provider | | Tags | Subnet | | Traffic Path | Tags | | VPC/VNet | VPC | Flow logs display local Account/Subscription, Region, and VPC/VNet filters by default across the top of the timeline. To add more filters: * Click **Add Filter** to select the resource or attribute to filter on. ![Filter first by resource type or attribute (such as protocol)](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-9992b06b8b420c658c2a6acf6f7bb666f7089192%2Fcloud-insights-views-filter-1.png?alt=media) ![Filter next by resource name or attribute type (for example, which specific protocol)](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-88354c968ed0ab7f9ca777689b0451f906695f87%2Fcloud-insights-views-filter-2.png?alt=media) * Once you make a selection, the filter then gets added alongside the default filters at the top, along with a button to reset the filters. ![Filter selection added to filter bar](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-7e94ac247d5585b52262534f64b958236649307e%2Fcloud-insights-views-filter-bar.png?alt=media) * Click any filter to open its dropdown to make a different selection of resources/attributes, or click the **X** to clear that filter and remove it from the header bar. * **Note** that the chart time span narrows to a maximum of 6 hours when any of the following filters are selected to maintain response times due to the large datasets they represent: * Tags * IP * Resource * Role (client/server) * Traffic Path * Interface * Location #### Local and Remote Groupings for VPC/VNet Flow Logs Groupings default to: local - Region; remote - Region. | Endpoint Groups | Other | AWS Tags | No Grouping | | -------------------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------- | | Account/Subscription | AS (remote only) | AWS tags selected for filtering purposes from [Tags Management](https://docs.thousandeyes.com/product-documentation/cloud-insights/settings#tags-management) | No Grouping | | Availability Zone | Location (remote only) | | | | IP | Protocol (local only) | | | | Region | Role | | | | Resource | Service Provider | | | | Resource Group | Traffic Path (local only) | | | | Service | | | | | Subnet | | | | | VPC/VNet | | | | #### Filters for Transit Gateway Logs | Transit Gateway | Attachment - Local/Remote | Endpoint - Local | Endpoint - Remote | | --------------- | ------------------------- | ----------------- | ----------------- | | Account | Attachment ID | Account | Account | | ID | Attachment Type | Availability Zone | AS | | Region | Availability Zone | Interface | Availability Zone | | | ENI | IP | Interface | | | Subnet | Protocol | IP | | | VPC | Region | Location | | | | Resource | Region | | | | Role | Resource | | | | Service | Role | | | | Subnet | Service | | | | Tags | Service Provider | | | | VPC | Subnet | | | | | Tags | | | | | VPC | The **Transit Gateway Flow Logs** tab displays all Transit Gateway filters (account, ID, region) as well as local attachment type and local attachment ID by default across the top of the timeline. To add more filters, click **Add Filter**. **Note** that the chart time span narrows to a maximum of 6 hours when any Endpoint (local or remote) filter is selected to maintain response times due to the large datasets they represent. #### Local and Remote Groupings for Transit Gateway Logs Groupings default to: local - Transit Gateway Attachment ID; remote - No Grouping. | Transit Gateway (local only) | Transit Gateway Attachment | Endpoint Groups | Other | AWS Tags | No Grouping | | ---------------------------- | -------------------------- | ----------------- | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------- | | Transit Gateway ID | Attachment ID | Account | AS (remote only) | AWS tags selected for filtering purposes from [Tags Management](https://docs.thousandeyes.com/product-documentation/cloud-insights/settings#tags-management) | No Grouping | | Transit Gateway Account | Attachment Type | Availability Zone | Location (remote only) | | | | Transit Gateway Region | Attachment AZ | IP | Protocol (local only) | | | | | Attachment Interface | Region | Role | | | | | Attachment Subnet | Resource | Service Provider (remote only) | | | | | Attachment VPC | Service | | | | | | Attachment VPC Account | Subnet | | | | | | | VPC | | | | ![Cloud Insights local grouping options for VPC flow logs below the timeline](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-13fd7892f0323c2b1f311b01b8b79cca767a54f0%2Fcloud-insights-traffic-table-grouping.png?alt=media) ### Table Tab The **Table** tab displays a list of resources that meet the grouping criteria specified just below the timeline. With the **Table** tab view you can: * Use the grouping criteria to determine what is displayed. * Click on column headers to change the sort order. * Hover over a row to display more details about the row item. * Click the ellipsis (`...`) at the end of the row to filter based on the selected row item. ![Cloud Insights Table tab](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-4b4adadc9efc0480f60f21c24f2b600da6c57c36%2Fcloudinsights-views-table-tab.png?alt=media) #### Time Span Selector A time span selector allows you to control how much historical data you view within the **Table** and [**Events**](#events-tab) tabs, providing greater flexibility and insight into your network performance. Choose from: * **5-minute selection**: Select any time slice (the black "pin") in the chart to focus on the activity during a specific 5-minute data capture period. This is ideal for troubleshooting real-time issues or pinpointing short-term anomalies. * The table updates every time you select a difference time slice. * **Chart Time Span** (Up to 14 Days): Expand your analysis by selecting a broader time range in the chart, up to 14 days. This option lets you observe long-term trends, track recurring issues, or compare performance over different periods. * When selected within the **Table** tab, two new columns for **Volume** (inbound and outbound) automatically appear in the table that *aggregate* the traffic volume over the selected time range, while the existing columns *average* their values over the time range. * When selected within the **Events** tab, the events table lists all events that occurred within the selected time range. * The table does not update to show a different time slice when **Chart time span** is selected, only when you select a different time range in the chart. * **Note** that the time range is limited to 6 hours when grouped or filtered by IP, Resource, and other large data sets - see [Filters for VPC/VNet Flow Logs](#filters-for-vpc-vnet-flow-logs) and [Filters for Transit Gateway Logs](#filters-for-transit-gateway-logs) for the full list. ![Time span selector](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-bef76efe31cb5622921d69dc9b0e0c6e0199d60b%2Fcloud-insights-timespan.png?alt=media) #### Column Settings **Customizable Table View** * **Column Configuration**: Show or hide columns based on your workflow requirements. * **Sortable Data**: Organize information by clicking column headers. #### How to Configure Table Columns 1. Navigate to **Cloud Insights > Views**. 2. Click the cog icon (⚙️) in the top-right corner of the data table. 3. Select or deselect columns from the settings panel: * Checked columns appear in the table. * Unchecked columns remain hidden but are still searchable. * Grayed-out columns are mandatory and cannot be hidden. 4. Reorder columns (optional) by dragging the column indicators in the settings panel. 5. Click **Save** to apply your changes. The table updates immediately to reflect your selections. **Hidden Columns in the Views Table** Grouping (local and/or remote) must be set to "IP" to reveal hidden columns in the column settings panel. Note that selecting the "IP" grouping does not automatically reveal the additional columns on the table; you must also select the columns from the column settings panel. * Traffic Path * Local Server Top Ports (only visible when grouped locally by "IP") * Remote Server Top Ports (only visible when grouped remotely by "IP") * Protocols **What "Top Ports" Means** The "top ports" data column provides valuable metadata about the most frequently used network ports in your IP-to-IP flows. **How It Works** * Your cloud providers send us network flow files approximately once per minute. * For each flow between two IP addresses (IP1 <-> IP2), we identify and store up to the top two ports observed for each IP address within that minute. * Only the port numbers are retained — no information on flow counts or throughput for specific ports is collected. * This “top ports” data serves as metadata, helping you quickly identify which application ports are most active in your network flows. **Data Aggregation over Time** * When viewing port data in the table, multiple flow files are aggregated together - for example over the last 5 minutes when you choose **5-minute selection** in the [time span selector](#time-span-selector). * If different files within the interval record different “top-2” ports for the same IP pair, the table may display more than two ports per IP. This reflects the union of all top ports observed during the selected period. #### Table Search **Enhanced Data Discovery** * **Comprehensive Search**: Search across all data attributes in the data table, including hidden columns (see [How to Configure Table Columns](#how-to-configure-table-columns) for a list of hidden columns). * **Flexible Matching**: Case-insensitive search supports both full and partial text matching. * **Streamlined Interface**: Additional data columns remain hidden by default to maintain a clean layout while staying fully searchable. #### How to Use Search 1. Navigate to **Cloud Insights > Views**. 2. Locate the search bar at the top of the data table. 3. Enter your search term, either partial or complete. You can search for: * IP addresses or subnets. * Asset names or types (for example, "Direct Connect", "ACL"). * Any other text appearing in the table data. 4. Review the filtered results; the table displays only assets matching your search criteria. We recommend adding relevant columns before searching if you need to verify specific attributes in your search results. 5. Clear the search by deleting the text in the search bar to return to the full asset list. **Note**: The search operates on data currently loaded in the user interface, not the entire customer database. Ensure relevant filters are applied to see all assets you want to search. ### Events Tab Cloud Insights tracks configuration change and operational scaling events and state changes across any element of the virtual infrastructure that serves your application. Note that you do not need a flow log integration to view events, as these are generated from your inventory integration. In addition to problematic infrastructure elements, a common cause for application downtime is changes made by an automated process or a live human. Monitoring change events not only allows you to determine what changed at what time, but also to correlate that change with application availability and other metrics. To view change event metrics, select the **Events** tab beneath the chart. ![Viewing change and operational events](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-45bbc1af49c6cc6793bef1a03e63884fd35d8e4b%2Fcloud-insights-timeline-allevents.png?alt=media) A view of change events is also available in the [**Cloud** layer of **Network & App Synthetics > Views**](#network-and-app-synthetics-cloud-layer). Configuration changes and operational changes are colored green and blue on a separate swimlane on the topology view. Note that not all changes negatively impact applications and services. Change events are also visible as a metric on the timeline in **Cloud Insights > Inventory**. ![Event Count in the Cloud layer of Network & App Synthetics > Views](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-28e06da0c48d9c34a91e75d449310696a0294ba7%2Fcloud-insights-cea-views-event-count-2.png?alt=media) To view events over a selectable period of time, see [Time Span Selector](#time-span-selector), above. #### Viewing Configuration Changes You can view a diff of the change, before and after the change event occurred. To view a diff, select a row containing a configuration change from the **Events** table located below the timeline. ![Configuration change diff](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-0f52ed63f877f7f8f61b3e6f7def60e16a25b08a%2Fcloud-insights-events-change-diff.png?alt=media\&token=053fe398-63a0-44a4-880f-b013583cd4d2) You can also use the **Inventory** screen to show the diff. Click on any row located under the **Asset Name** header. ![Configuration change diff from the Inventory view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-a4036a7ca392ca6b40ace7064cc7aa3889a5c587%2Fcloud-insights-events-config-change-inventory.png?alt=media\&token=43981189-0d70-4aa5-bd7c-487e910b2955) Use the **Events** tab to track configuration changes and operational events due to adding or removing instances. ### Map Tab The **Map** tab groups cloud environment resources by region and displays them using a map visualization. Use the `+` and `-` buttons in the upper right to zoom in and zoom out, respectively. Hover over any item to display more details about the resource. ![Cloud Insights Map tab](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-d1f7e7328ecc9b61560f8ce97d05eaf6043ade96%2Fcloudinsights-views-map-tab.png?alt=media\&token=3a0e23bd-0d87-40f2-befe-7e8a30d78990) ## Network & App Synthetics Cloud Layer The **Cloud** layer is available within **Network & App Synthetics > Views**. Cloud Insights are integrated with the Network & App Synthetics views both as a swimlane below the timeline showing configuration change and operational events, and as a traffic topology map. ![Configuration Change and Operational Events are visible in the swimlane below the timeline](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-84dd680004cf516c6a3a297163f991eb3b119042%2Fcloudinsights-cea-timeline-2.png?alt=media) The **Cloud** layer shows your cloud environment behind the load balancer that is serving your application. For AWS environments, this can also be the Global Accelerator. This view pulls in your cloud native inventory for the specific service, providing a logical service map of how your application is being served. You can use the traffic timeline to visualize how your application is distributed within your cloud provider networks. ![Cloud layer timeline and path vis](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-7f6c20664dbc64c5189ce867d23b63843f89bfc9%2Fcloudinsights-cea-traffic-overview.png?alt=media) ### Filtering for Cloud Layer Tests To make it easy to find your tests that have the **Cloud** layer visible, open the **Test** dropdown at the top left of the screen and select the checkbox next to **Cloud Insights enriched tests** in the filter column. This filters all your tests to just those that have an endpoint in your cloud environment. **Note** that this checkbox is only visible if you have successfully set up an inventory integration for Cloud Insights and have tests running to your cloud environment. To navigate to the **Cloud** layer within a particular test, click on the **Cloud** label to the left of the timeline. If you do not see a **Cloud** layer it means you have not configured a supported cloud provider inventory integration, or you are not testing to a supported test target. ![Cloud Insights enriched tests checkbox](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-24e025977912a05b33f8f948dabb2a2023de718f%2Fcloudinsights-cea-test-checkbox.png?alt=media) ### Cloud Layer Metrics Available metrics for the **Cloud** layer timeline are: * Outside Cloud Throughput. * Outside Rejected Throughput. * Outside Connection Rate. * Outside Rejected Connection Rate. * Event Count. You can choose to compare multiple metrics at the same time, including from other tests. See [Multi-Source Views](#multi-source-views) for more information. Outside Cloud Throughput is traffic throughput to remote endpoints that are outside of your monitored cloud accounts or subscriptions (could be outside of the cloud or in the cloud but not monitored). For example, for an externally facing load-balancer the timeline displays how much traffic is entering the cloud and exiting the cloud through this load balancer over the given time period. You can use Outside Cloud Throughput to analyze relevant traffic and to determine if there is degradation of traffic to that node that could be causing a delay. In this same vein, Outside Rejected Throughput is the total rejected throughput outside of the cloud environment, and Outside Connection Rate and Outside Rejected Connection Rate are the sum of new TCP connections (or dropped connections in the case of rejection) where the remote endpoint is outside of the cloud environment. {% hint style="info" %} When attempting to correlate flow log data with other metrics, a related spike may show up in the next adjacent bucket. This is because traffic flow log data is aggregated every 5 minutes. {% endhint %} ### Multi-Source Views Cloud Insights offers a unique view of your test environment within Network & App Synthetics, but is made more powerful when you place it alongside your other test metrics. Viewing **Cloud** layer metrics together with other test layers provides a unified, end-to-end view of the entire digital experience from the end user through the web, network, and routing layers, and into the cloud infrastructure hosting the application. This helps identify where issues originate and how they propagate across layers. Additionally, when you view Cloud Insights’ time-correlated cloud infrastructure changes alongside network and application metrics, you can detect if configuration updates in the cloud (for example, security group changes) are causing performance degradation or outages downstream. #### Viewing Multiple Metrics ![Primary and comparison metrics](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-af9d0c686fbf95484b43025f9f725af344b6287c%2Fcloudinsights-multi-source-metrics.png?alt=media) To view multiple metrics: 1. Go to **Network & App Synthetics > Views**. 2. From the **Test** dropdown, select a test to view (hint: to see only tests with **Cloud** layers, select the **Cloud Insights enriched tests** filter. See [Filtering for Cloud Layer Tests](#filtering-for-cloud-layer-tests) for more information. 3. From the column beneath the **Test** dropdown, select the test type and layer you want to view your primary metric in, such as the transaction test type in the web layer or the agent-to-server test type in the network layer. Your timeline can display multiple metrics, but only your primary metric displays additional information about that test type and layer below the timeline, such as in a table, waterfall, path vis, or topology. 4. In the **Metrics** dropdown, select your primary metric for that layer from the **Primary Metric** column, such as transaction time in the web layer or jitter in the network layer. 5. From the **Comparison** column, select up to four additional metrics for comparison from any of the other test layers. The result is a stack of charts displaying different metrics from different test layers, giving you at-a-glance data about multiple aspects of your test environment. ![Multi-chart results](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-65057a076d3269a710b86ec24d18782dfc3accb8%2Fcloudinsights-multi-chart-results.png?alt=media) To change your primary metric, select the radio button next to the metric name at the top left of each chart. The layer and scale for each chart appears to the right. The swimlane showing operational and configuration events always sits directly below the primary metric. #### Understanding the Time Slice A time slice on the chart represents a period, like 30 minutes, where test results are shown, defaulting to the primary metric's interval length. Not all metrics use the same test interval. For example, while the primary metric may show results every 30 minutes, others may show every 5 minutes, or even every 1 minute. When you hover over the chart, you see exactly which timeframe each metric's data comes from. Moving your cursor can change which segment is shown for metrics with shorter intervals, while longer-interval metrics stay the same. The bolded metric matches the metric you hover on and sets the time-frame at the top of the hover window — for example, hovering over a 5-minute metric shows a 5-minute time frame, while other metrics still show their original intervals. ![5-minute increment on hover](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-c4ed6c30aee5fd85aa9f77c8175370a9a5c74363%2Fcloudinsights-five-minute-increment.png?alt=media) ### Cloud Layer Topology Tab When the **Cloud** layer view is selected, the area below the timeline displays the traffic topology under the **Topology** tab, grouped into either regions or accounts for additional path context (see [Topology Grouping](https://docs.thousandeyes.com/product-documentation/cloud-insights/views#topology-grouping) below). The **Topology** tab offers two views, **Service Configuration** and **Network and Security** (currently, **Network and Security** is only available for AWS environments). The **Service Configuration** view shows resources that perform services focused on running applications, managing compute capacity, and efficiently delivering application content and traffic to end-users, such as load balancers, EC2 instances, or virtual machines. Many of these resources double as test targets. The **Network and Security** view, available by clicking on any shield icon, shows resources that make up the underlying connectivity and access-control infrastructure upon which resources in the **Service Configuration** view operate. This can include network interfaces, security groups, and routing tables. While not test targets themselves, you can use these resources to help troubleshoot test degradation. ![The Service Configuration view, grouped by region](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-a0ad19121cdf082e74b2284606ed83fd041b6cd5%2Fcloudinsights-region-topology.png?alt=media) #### Topology Grouping Topology grouping allows you to view your network and application path structure in an organized and meaningful way. This helps you to understand service dependencies and traffic flows within specific geographic or organizational boundaries, making it easier to pinpoint issues and their impact on users in those groups. ![The same Service Configuration view, grouped by account](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-2d97d77abc1b391ebf3298bd25f13c5f4de65cc1%2Fcloudinsights-account-topology.png?alt=media) By default, the nodes in your topology view are grouped by region. In the top right corner of the **Topology** tab, you can change the view to group by account, or to remove grouping for a more compact view. ![The grouping toggle](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-f599fefa4606bbc47da9578c313fd1bb1dd63d01%2Fcloudinsights-grouping-toggle.png?alt=media) ### Service Configuration View The default view under the **Topology** tab is the **Service Configuration** view, which shows the connections between your cloud resources that perform compute and application delivery services. These services host virtual machines and containerized applications, and distribute incoming requests across various backend resources, ensuring high availability, performance, and scalability for applications. Nodes in this view include resources such as load balancers, listeners, instances, and virtual machines. #### Searching in the Service Configuration View You can use the search box to locate a specific resource by name. The **Service Configuration** view shows the found resource highlighted with other resources greyed out. ![Searching in the Service Configuration view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-65319c8e7f6d6bf2228c2618a9ce621b26be44f0%2Ftopology-search-expanded-view.png?alt=media) ### Network and Security View When you see a shield icon, that indicates that the connection between two **Service Configuration** resources involves additional networking or security resources for their connection. ![Network and Security view shield](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-5a99dcb788eea11d1368c7632e9abe4162e9c561%2Fcloudinsights-network-security-view.png?alt=media) The **Network and Security** view encompasses the foundational networking constructs, connectivity services, and security enforcement points that define the network topology, control traffic flow, and secure communication within, to, and from cloud environments. These resources are responsible for establishing private networks, routing traffic, enforcing access policies, and enabling secure hybrid and inter-cloud connectivity. You can find the following resources in the Network and Security view. #### Network and Security View Resource List | Resource Icon | Resource Type | Definition | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-356ce7d20b5f43afdaf4388501f17445fe9ad8cc%2Fdirect-connect-icon.png?alt=media) | Direct Connect Gateway | Allows you to connect your AWS Direct Connect connection in different AWS regions. | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-623d54b1ae7f854cd7deb31d586b26f2a72e0694%2Fdirect-connect-vif-icon.png?alt=media) | Direct Connect Virtual Interface (VIF) | Establishes Layer 3 connectivity over an AWS Direct Connect connection, enabling private or transit access from on-premises networks to AWS services, including VPCs and Transit Gateways. | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-25ed8741ac3bb20621f37723b91c18cb54fc5863%2Fnetwork-interface-icon.png?alt=media) | Elastic Network Interface | Virtual network interface that can be attached to resources in a VPC. | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-7160c170381aeda147286a7d3bbc4fc8ac2686ba%2Fnacl-icon.png?alt=media) | Network Access Control List (NACL) | Subnet-level firewall that controls inbound and outbound traffic at the subnet boundary. | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-dee3b7031919bd1de62a794861d9e8d28a569cb4%2Froute-table-icon.png?alt=media) | Route Table | Set of rules used to determine where network traffic is directed within the cloud network. | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-50a4ad2d28ed4ecf061e6b0bafd08d6f4ec15698%2Fsecurity-group-icon.png?alt=media) | Security Group | Virtual firewall controlling inbound and outbound traffic for resources such as EC2 instances. | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-aff383de191f936c22d316ea5ecdf14fcc9652ac%2Fsubnet-icon.png?alt=media) | Subnet | Subdivision of a network, allowing logical segmentation of cloud resources within a VPC. | | ![](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-e7383ab3d7810f7dd7f63c1eac3e08a5ece04021%2Ftgw-route-table-icon.png?alt=media) | Transit Gateway Route Table | Routing table that controls how traffic is routed through an AWS Transit Gateway. (Transit Gateways, Transit Gateway Attachments, and Transit Gateway Peering Attachments are inferred by this resource) | | | VPC Peering (inferred) | Networking connection between two VPCs that enables traffic routing between them using private IPs. | ![Network and Security view detail between an AWS target group and network load balancer](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-ea6a6852b4a24f58a3c6f93c950b8748ad8b333e%2Fnetwork%2Bsecurity-interface.png?alt=media) Entry points can also be prefixed with interface and security group information. This is helpful for monitoring traffic passing through an outside-facing firewall. ![A prefixed interface in the Service Configuration view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-7b5b40d99e254db037a3cb9566eb9d96dcbb847d%2Fnetwork-view-as-prefix.png?alt=media) Click on the shield icon for the **Network and Security** view. ![A prefixed interface in the Network and Security view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-600addaf666e7a5b79d2fc962e336f02feb00aeb%2Fnetwork-view-as-prefix2.png?alt=media) To exit the **Network and Security** view, click on **Service Configuration** on the upper left corner of the **Topology** tab section. ![Click on "Service Configuration" to exit the Network and Security view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-74cd958098fa121e2056432f345905b7b7274283%2Fexit-network%2Bsecurity.png?alt=media) #### Searching in the Network and Security Layer When you search for a resource in the **Service Configuration** view that can only be displayed in the **Network and Security** view, shield icons where the resource can be viewed are highlighted. ![Searching for a network interface](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-3b657639d098324d87d4d20f304f9e85e25b5de8%2Ftopology-search-network%2Bsecurity-noshow.png?alt=media) Click on a highlighted shield to switch to the **Network and Security** view to view the found resource. ![Viewing a found network resource](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-902150d4551d762f9f8302fb513975e5bd7623c5%2Ftopology-search-network%2Bsecurity-view-found.png?alt=media) Note that resources can be repeated in the **Network and Security** view. In the example above, multiple shield icons are highlighted for the same interface. These are repetitions of the same interface shown in different path configurations. ### Dedicated Connections Both AWS and Azure offer dedicated, private-network connections between your on-premises infrastructure and cloud environment, bypassing the public internet for improved security and performance. You can view these circuits - called AWS Direct Connect and Azure ExpressRoute - directly in the **Topology** tab of the Network and App Synthetics **Cloud** layer. See your dedicated connections in both the **Service Configuration** and **Network and Security** views. When you click on the shield icon next to a Direct Connect or ExpressRoute asset, the **Network and Security** view expands to show additional nodes, for example through VIFs (Virtual Interfaces). View your dedicated connections under **Services** within the Cloud Insights **Inventory** view as well. ![A Direct Connect gateway in the Service Configuration view](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-54b4550540565ac83dc12890df71e182196eb47e%2Fdirect-connect-gateway.png?alt=media) ### AWS Topology For AWS, the **Topology** tab shows what's behind the AWS *Global Accelerator* or *Load Balancer* that is serving your application. You can distinguish between traffic flow that originates outside AWS and is destined in AWS, originates and is destined in AWS, and originates in AWS and is destined outside AWS. This means that you can identify network blindspots in the context of where traffic originates and is destined. You can also see traffic flow size (bytes/sec) between each hierarchical AWS instance, e.g. AWS account, AWS region, VPC, AZ, Subnet, AWS instance, and AWS elastic network interface. ![AWS traffic topology map](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-3c1f4465f91bbb288ca06e9d6afb1a0b040f6c80%2Fcloudinsights-cea-aws-topology.png?alt=media\&token=c2e33c90-d162-4186-b81c-daeae12bc464) #### Cross-zone Availability If you have cross-zone availability configured, these paths are shown in the **Network and Security** view under the **Topology** tab. The topology reflects what availability zones a load balancer is actually sending traffic across. ![Highlighting a single path for a load balancer with cross-zone availability configured](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-bf031350db9bb6b489591a337231abfbf2f71a2f%2Fload-balancer-allowed-to-cross-az.png?alt=media) ![Additional interface detail for a load balancer with cross-zone availability configured](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-f6343e612b51979e38e9ac612caf498d02a3fc60%2Fload-balancer-allowed-to-cross-az-same-interface.png?alt=media) ![Second path for a load balancer with cross-zone availability configured](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-e279819f1f50909c489f2d54e88ccca010cb5532%2Fload-balancer-allowed-to-cross-az2.png?alt=media) Even when a load balancer has two interfaces and cross-zone availability is off, the topology only shows the path configured for the same availability zone as the destination displayed in the topology. If your load balancer is not configured to cross zones, then the view will not show any traffic crossing zones. ![Load balancer with multiple instances showing a single instance in the same zone](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-31b27963fd376bc4e6d10e5aa3e45b3dc4e1bdad%2Fload-balancer-with-instances-shows-1-if-in-same-zone.png?alt=media) ### Cloud Layer Events Tab Viewable within both the **Service Configuration** and **Network and Security** topology views are events. Operational events are highlighted in blue while configuration change events are highlighted in green. ![Operational Events are highlighted in blue. Configuration Change Events are highlighted in green.](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-c83318b10967fbf23c5aa680af8db4eebe19e35f%2Fcloudinsights-cea-operational-1.png?alt=media) When any configuration change or operational events are selected in the traffic timeline, they are listed in the **Events** tab underneath the timeline. ![List of configuration change and operational events](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-f8d17d54150b97c173e755e265ab1d40a15288a5%2Fcloudinsights-cea-tab-events.png?alt=media\&token=8f7676d9-86ac-4194-8a9e-ed0d5bdcefbb) Click on any row to view details of the event. Configuration changes show a diff of the change that was made. Click on the blue **Explore in AWS/Azure** button above the diff to access the change in the relevant environment. ![Details of a configuration change](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-95015773d3a2c5e28aca5ae5e68729beb1f05d88%2Fcloudinsights-cea-tab-events-detail.png?alt=media) ### Cloud Layer Traffic Tab Use the **Traffic** tab to view a detailed list of servers along with specific throughput metrics. This list can be grouped and filtered using the selection menus at the top of the list. This functions in the same way as [the Cloud Insights **Table** tab](#table-tab).