Detailed description of ADS SYSCHECK method.


Product: Flowmon ADS

Version: Any

Platform: Any

Notification messages generated by the method are not clear.

The SYSCHECK method doesn't generate standard ADS events. Instead, it generates warnings that are sent to the GUI notification center (bell icon).

Active timeout

The anomaly is detected if all flow duration values differ from 300 seconds (+- 5 seconds) and the maximal duration value is presented multiple times. The solution is to check the configuration of active timeout on the respective flow source. 

Unpaired flows

The anomaly is detected if there are more than MinSingle percent of single flows. A single flow means that the communication cannot be paired. It might be one-way communication or the conversation's request/response is missing.

The root cause can be packet sampling on the flow source, wrong mirroring configuration, or wrong flow export configuration (only one way of communication is mirrored/exported). 


