Network Platform Monitoring

Turn Network Noise
into Clear Action

Sentral is a unified command experience built for operations teams who need clarity, speed, and control — bringing availability, health, log intelligence, and backup readiness into one cohesive view.

 Sentral — Automation Engine Dashboard
Sentral Dashboard
4
Integrated Modules
1
Unified Dashboard
60%
MTTR Reduction
0
Tool Switching Required

One Platform. Complete Visibility.

The Sentral suite unifies the entire operational lifecycle — monitor, alert, investigate, verify, recover, and report — across a single, intelligent interface.

📡
Pulse
Availability & Quality Monitoring

Real-time visibility into network availability and performance quality. Know instantly when critical devices go down and detect performance drift before it becomes an outage.

UP/DOWN STATUS LATENCY PACKET LOSS EMAIL ALERTS
🔬
Health
Deep Infrastructure Diagnostics

Operational command center for network reliability. Deep device-level analytics including hardware, interfaces, protocols, and trend intelligence with tunable alert scoring.

HARDWARE INTERFACES PROTOCOLS REPORTS
📋
SmartLog
Log Intelligence & Rule-Based Alerting

Transforms raw device log noise into prioritized, actionable alerts. Real-time and scheduled detection rules with searchable history and archive retrieval for compliance.

RULE ENGINE KEYWORD LISTS ARCHIVE SEARCH SYSLOG
🛡️
Backup
Configuration Resilience & Recovery

Complete, automated, and auditable protection for network configurations. Scheduled backups, snapshot comparison, one-click restore, and governance-ready audit trails.

SCHEDULING COMPARE RESTORE AUDIT LOGS

Detect. Diagnose. Investigate. Recover.

Sentral shifts NOC teams from reactive firefighting to proactive management through a continuous, interconnected operational loop.

PULSE
1. Detect
Real-time availability and latency monitoring across all devices
HEALTH
2. Diagnose
Deep hardware and interface diagnostics for root-cause isolation
LOG
3. Investigate
Intelligent event alerting and historical log search for evidence
BACKUP
4. Recover
Automated configuration resilience with rapid rollback workflows

Dual-Engine Architecture: Sentral's Live UI Fetch Mode performs zero-database-load live reads for active panels, while Background Snapshot Mode handles threshold evaluation, alerting, and trend retention. These two engines work in concert to deliver real-time responsiveness without compromising system performance at enterprise scale.

Built for Networks. Not Adapted.

Traditional monitoring platforms force operations teams into reactive workflows with fragmented tools and surface-level visibility.

⚠ Traditional Fragmented Monitoring

Generic SNMP scraping with heavy database loads
Surface-level Up/Down status only
Reactive troubleshooting with constant tool-switching
No correlated context across domains
Manual, inconsistent backup routines

✦ Sentral Unified Command Center

Dual-Engine: Live Fetch + Background Polling
Deep hardware diagnostics and protocol state visibility
Proactive, unified Detect → Recover runbook
Correlated cross-domain operational signals
Automated, scheduled, auditable backup operations

AI on Your Terms

Sentral layers optional intelligence on top of deterministic monitoring — from a fully airgapped Copilot to full agentic triage — so every team dials in exactly as much autonomy as their security posture allows.

🛡️
Airgapped Copilot

Deploy Sentral completely airgapped. Copilot runs on trained skill sets defined through prompts — no external AI, and no data ever leaves your network. Operators trigger tasks and get answers in plain language, executed by deterministic, purpose-built skills and tools.

🤖
Full Agentic Triage

Activate AI API integration to add reasoning on top of Copilot. Sentral runs full triage on issues — correlating alerts, logs, health, and configuration across every module to pinpoint root cause and recommend the next action.

💬
Copilot in Every Module

Ask Copilot from anywhere — Pulse, Health, SmartLog, or Backup. Query the network, devices, alerts, and logs in context, then elevate to deeper analysis on demand. Bring your own AI provider and model — nothing is locked in.

MODULE 01 — AVAILABILITY & QUALITY MONITORING
📡 Pulse Module
Real-Time Network
Availability & Quality

Pulse is the network availability and connection-quality watchtower for your critical devices. It moves operations teams from reactive firefighting to proactive monitoring with live detection of outages, latency spikes, and quality degradation.

LIVEStatus Updates
5sPoll Interval
ICMPProtocol
PER-DEVICEAlert Control
 Pulse — Live Dashboard
Sentral Pulse Dashboard

Know the Moment Something Changes

Pulse combines uptime monitoring and quality degradation detection in one workflow. It uses baseline behavior comparison for quality alerts — not just basic up/down checks.

  • Live online/offline device counts updated continuously — no manual reload
  • Per-device status table with name, IP, latency, packet loss, and last offline timestamp
  • Quality deviation alerts triggered by meaningful drift from normal baseline behavior
  • Email notifications for state transitions — up to down and quality degradation events
  • Per-device notification control to suppress alerts during maintenance windows
  • Tunable monitoring sensitivity: polling cadence, timeout behavior, and failure tolerance
Pulse — Live Dashboard
12
Online
1
Offline
0.4ms
Avg Latency
0%
Pkt Loss
Device Status Table
DEVICEIPLATENCYSTATUS
PE1-CORE10.0.1.10.3msONLINE
BRANCH-0210.0.2.5OFFLINE
WAN-FW110.0.0.112.4msDEGRADED
Live Health Dashboard

Online vs offline device counts refresh in real time. Incidents surface immediately without manual checking or screen watching.

📊
Quality Deviation Signaling

Detects meaningful performance degradation — latency drift and packet loss changes — even before full outages occur. Based on normal behavior baselines.

🔕
Precision Noise Control

Enable or disable notifications per device individually. Suppress alerts during planned maintenance without affecting global notification settings.

✉️
Email Alert Delivery

Automatic notifications when a device changes state. Recipients configured centrally. No need to watch the screen to stay informed of outages.

🕰️
Last Offline Timestamps

Each device entry tracks when it was last seen offline. Enables accurate incident timeline construction and triage prioritization by recency.

⚙️
Tunable Sensitivity

Configure polling cadence, timeout behavior, and failure tolerance per device to match operational reality. Avoid false positives on flappy links.

Pulse — Technical Details

Capability Technical Detail
Monitoring ProtocolICMP echo (ping) with configurable timeout and retry thresholds. Failure tolerance tunable per device to reduce false positives on high-latency links.
Poll IntervalConfigurable polling cadence per device. Dashboard UI reflects live updates every 5 seconds via frontend refresh cycle.
Quality DetectionBaseline behavior comparison for latency and packet loss. Quality deviation alerts triggered when drift exceeds configurable thresholds — independent of hard up/down state.
Alert EngineState-transition alerts (online → offline, offline → online) and quality deviation alerts delivered via email. Per-device email enable/disable toggle with centralized recipient management.
Device InventoryAdd, edit, remove devices via UI or bulk import. Each device record stores name, description, IP address, and per-device alert settings.
Status DataPer device: current status, latency (ms), packet loss (%), last offline timestamp. Aggregated live totals: online count, offline count, worst latency, worst loss.
License VisibilityLicense state, grace-period status, and device capacity displayed in settings. Alerts surfaced before unexpected monitoring interruptions occur.
Data RetentionLast offline timestamps persisted per device. Operational history available for triage and incident correlation workflows.

Who Uses Pulse

NOC Analyst

Uses Pulse dashboard to see branch locations go offline, triggers escalation immediately, and tracks restoration in real time without leaving the single interface.

Operations Manager

Sees repeated latency deviation alerts on a core link, validates the trend against historical data, and prioritizes carrier review before users begin reporting slowness.

Service Desk Lead

Enables notifications only for high-priority devices while suppressing non-critical ones during planned maintenance windows to reduce alert noise.

Infrastructure Engineer

Uses last offline timestamps and packet-loss signals to correlate recurring instability events with a specific WAN segment for root cause analysis.

IT Director

Reviews high-level online/offline and quality posture at a glance to understand operational risk and justify resilience infrastructure investments.

Platform Administrator

Manages device inventory, configures alert thresholds, and validates notification delivery with test sends before new monitoring campaigns go live.

MODULE 02 — DEEP INFRASTRUCTURE DIAGNOSTICS
🔬 Health Module
Deep Infrastructure &
Protocol Diagnostics

Sentral Health is the operational command center for network reliability. It gives operations teams a single place to detect, prioritize, and act on network and infrastructure issues before they become outages — from live monitoring through to executive-ready reporting.

3-LAYEREvent Model
NETCONFProtocol Integration
PDFAutomated Reports
TUNABLEHealth Scoring
 Health — Live Dashboard
Sentral Health Dashboard

Three-Layer Event Intelligence

Health separates protocol events, infrastructure events, and trend events into distinct channels — then rolls them up into a single, tunable warning/critical severity score.

🔌
Infrastructure Events

Hardware faults, fan removals, temperature spikes, PSU alarms, and chassis-level conditions that require immediate physical inspection.

🔀
Protocol Events

Routing adjacency changes, BGP state transitions, IS-IS L2 adjacency losses, OSPF neighbor flaps, and other control-plane instability signals.

📈
Trend Events

Utilization spikes, error rate deviations, interface drop increases, and traffic pattern anomalies detected through continuous baseline comparison.

🖥️
Hardware Visibility

Routing Engine CPU and memory, FPC slot state, DRAM/Heap/Buffer utilization, PSU and PEM health, fan speeds, temperature readings, and Virtual Chassis mastership.

🔗
Interface Analytics

Bandwidth utilization, error and drop counters, flap detection, optical Rx/Tx dBm power levels, LACP state, LLDP neighbors, and AE bundle balance verification.

📉
Graph Intelligence

Pin critical interfaces, compare traffic patterns side-by-side, track trend deviations over time, and archive graph snapshots for historical comparison and capacity planning.

🔔
Alert Operations Center

Acknowledge, silence, and reactivate active alerts. Full searchable alert history with CSV export. Severity state lifecycle from detection through resolution.

📄
Automated Reporting

Generate operational health PDFs on demand, deliver via email instantly, or schedule recurring reports — daily, weekly, or monthly — for stakeholder distribution.

🎛️
Configurable Thresholds

Tune warning and critical thresholds per device and metric. Control which conditions affect overall health scoring to match your operational risk tolerance.

Health — Technical Details

CapabilityTechnical Detail
Data CollectionDual-engine: Live UI Fetch for on-demand panel views (zero DB load), Background Snapshot polling for alert evaluation, trend retention, and scheduled reporting.
Protocol IntegrationNETCONF-based deep state gathering for BGP neighbors (peer address, AS, state, last transition), IS-IS adjacencies (level, state, transition count), OSPF neighbors, and LACP bundle state.
Hardware PollingRouting Engine CPU (1-min/5-min/15-min load averages), Memory utilization %, Temperature (°C), FPC slot status, DRAM/Heap/Buffer %, PEM and fan hardware alarms. Virtual Chassis VCP neighbor links and mastership role.
Interface TelemetryInbound/outbound throughput (Mbps/Gbps/% utilization), error and drop counters, flap events, optical Rx/Tx dBm, bias mA for degrading transceiver detection. LLDP neighbor discovery, LACP receive/transmit state, AE member in/out balance (Mbps).
Health ScoringDevices scored as Healthy / Warning / Critical based on configurable threshold evaluation. Three event domains (Protocol, Infrastructure, Trend) independently tracked and aggregated into a tunable composite health indicator.
Alert WorkflowAlerts include timestamp, device, component, severity, message context. State machine: Active → Acknowledged → Silenced → Reactivated. Alert history searchable and exportable as CSV.
Graph EngineLine charts for per-interface traffic over configurable time windows. Compare mode: side-by-side, relative (individual or paired maxima), and combined overlay. Snapshot archive for historical comparison.
Report FormatPDF health reports covering device posture summary, alert history, interface highlights, and hardware condition. Deliver on-demand or via daily/weekly/monthly scheduled email.
Device SafeguardsBuilt-in protection prevents polling overloads on stressed hardware. Reconciliation and audit controls validate alert coverage integrity.
🔧

Key Insight: Health goes beyond generic SNMP scraping. Component-level diagnostics — including FPC slot DRAM, optical transceiver dBm, and AE bundle balance — detect degradation and capacity threshold approaches long before service impact occurs. Built-in device safeguards prevent polling overloads on stressed hardware during incident conditions.

Who Uses Health

NOC Analyst

Uses the live dashboard and alert queue to detect critical device issues, acknowledges ownership in the alert workflow, and drills into hardware or interface panels to isolate impact quickly.

Senior Network Engineer

Uses interface analytics and protocol views to identify recurring degradation on key links, then schedules preventive remediation before the issue escalates to service impact.

Service Delivery Lead

Exports alert history and PDF health reports to provide customers with transparent incident timelines, recovery proof, and evidence for SLA discussions.

IT Director

Reviews scheduled health reports to track reliability posture, risk concentration, and operational improvement over time without needing direct dashboard access.

Capacity Planner

Uses pinned interface graphs, compare mode, and long-term trend views to identify utilization growth hotspots and build the data case for infrastructure upgrades.

Reliability Engineer

Tunes warning and critical thresholds to operational risk tolerance, validates that health scoring reflects actual business impact, and uses reconciliation tools to audit alert coverage.

MODULE 03 — LOG INTELLIGENCE & RULE-BASED ALERTING
📋 SmartLog Module
Raw Log Noise into
Actionable Intelligence

SmartLog centralizes device logs from across the network and applies real-time and scheduled detection rules to convert high-volume log streams into prioritized, targeted alerts — with full search and archive retrieval for investigations and compliance.

REAL-TIMERule Matching
SYSLOGIngestion
SEVERITY 0-7Log Levels
30-DAYAlert History
 SmartLog — Dashboard View
Sentral SmartLog Dashboard

The Four-Stage Detection Pipeline

SmartLog processes millions of raw device events through a structured filtering pipeline before surfacing only the events that require attention.

STAGE 01
Raw Log Stream

Millions of unorganized device events ingested continuously via Syslog. All vendors and platforms centralized in one place.

STAGE 02
Keyword List Filter

Reusable match sets applied across rules. Define once — detect IS-IS adjacency loss, login failures, commit events — reuse across multiple rules.

STAGE 03
Severity Ceiling

Configurable severity 0–7 ceiling per rule scoped to specific devices or any device. Only events meeting threshold surface as alerts.

STAGE 04
Actionable Output

Email escalation to configured recipients and a prioritized alert queue for triage, acknowledgment, and incident workflow management.

📊
Live Health Dashboard

Open alerts, acknowledged alerts, total alerts, log volume, disk capacity, and log throughput — all visible at a glance to assess current operational risk.

📚
Reusable Keyword Lists

Build shared match libraries once and attach them to multiple detection rules. Standardizes detection logic across teams and makes rule management consistent.

⏱️
Real-Time & Scheduled Rules

Create rules for immediate stream matching or periodic retrospective checks. Both modes supported with per-rule email configuration and device scoping.

🔍
Fast Log Search

Search recent logs by keyword and device with adjustable result limits. Immediate root-cause analysis during active incidents without waiting for archive retrieval.

📦
Archive Search & Retrieval

Search historical archived logs by date range and device. Download evidence files for post-incident reviews, compliance audits, and forensic investigations.

💾
Retention & Storage Controls

Configure retention period, archive location, and low-space cleanup threshold. Prevent storage incidents with automated housekeeping and capacity monitoring.

SmartLog — Technical Details

CapabilityTechnical Detail
Log IngestionSyslog receiver centralizing events from multiple devices and vendors. Throughput monitored in logs/second with dashboard visibility. Storage utilization tracked with low-space threshold alerting.
Detection RulesTwo execution modes: Real-time (stream matching as logs arrive) and Scheduled (periodic retrospective evaluation). Each rule references one or more keyword lists, a severity ceiling (0–7), optional device scope, and email enable/disable toggle.
Keyword ListsNamed lists of match strings (exact text or regex patterns). Reusable across multiple rules. Preview capability shows sample matching log entries before activation. List count visible per entry.
Alert LifecycleStates: Open → Acknowledged → Cleared. Acknowledge individual alerts or acknowledge-all. Full 30-day alert history with searchable filtering by rule name, device, and time range.
Log SearchReal-time search of recent log buffer by keyword or IP address. Adjustable result limit. Results returned in structured table: timestamp, device source, severity level, message. Device directory maps IPs to friendly hostnames.
Archive SystemLogs archived to configured storage location. Archive search by date range and device. Matching log files available for download as evidence artifacts. Supports compliance documentation and forensic investigation workflows.
Storage ManagementConfigurable retention period (days). Configurable archive target location. Low-space cleanup threshold triggers automated housekeeping. Disk utilization and remaining space visible on main dashboard.
Email NotificationsPer-rule email enable/disable. Centralized recipient configuration. Test-email action for delivery validation. Rapid escalation for high-priority rule matches.
Device DirectoryIP-to-hostname mapping for all monitored devices. Improves alert readability and reduces confusion during triage. Metadata maintained for operations clarity.

Who Uses SmartLog

NOC Analyst

Watches dashboard for spikes in open alerts. Acknowledges known events, investigates unknown ones in real-time search, and escalates serious matches through email notification rules.

Network Ops Manager

Creates reusable keyword lists for recurring failure patterns and applies scheduled rules to catch intermittent issues. Reviews alert history to identify chronic problem devices.

Security Operations Lead

Sets high-priority detection rules for suspicious log signatures including login failures, config commits, and privilege escalation. Uses archive search to investigate incidents over a wider date range.

Infrastructure Engineer

Maintains device naming and host metadata so alerts are clear and actionable. Tunes retention and low-space thresholds to prevent storage incidents from disrupting log collection.

Compliance Analyst

Uses archive search to pull historical log evidence for audit date ranges. Downloads log files for compliance documentation, incident reports, and regulatory review packages.

IT Director

Reviews dashboard trend indicators and alert volumes for risk visibility. Confirms operational discipline via acknowledgment workflows and uses historical records to support staffing and priority decisions.

MODULE 04 — CONFIGURATION RESILIENCE & RECOVERY
🛡️ Backup Module
Configuration Resilience &
Rapid Recovery

Sentral Backup gives operations teams a complete, automated, and auditable way to protect network configurations and recover fast when things go wrong. From scheduled capture through snapshot comparison to one-click restore — with full governance trails.

AUTOMATEDDaily / Weekly / Monthly
SPREADLoad Distribution
DIFFSide-by-Side Compare
AUDITFull Action Log
 Backup — Dashboard View
Sentral Backup Dashboard

Protect. Compare. Recover.

Sentral Backup protects network operations from configuration loss, failed changes, and recovery delays with a unified workflow spanning capture, validation, comparison, restoration, and compliance.

  • Automated backup scheduling with daily, weekly, and monthly options across individual devices or the entire fleet
  • Backup execution load-spreading (Randomize) distributes device backups into staggered groups to prevent network/CPU storms
  • Integrity validation on every captured backup — integrity failures surfaced prominently on the dashboard
  • Side-by-side snapshot comparison for expected vs. unexpected configuration drift detection before change windows
  • One-click restore of a known-good snapshot directly to supported devices — no manual CLI intervention required
  • Complete audit log of all download, delete, restore, and acknowledgment actions — downloadable for compliance review
  • Offsite backup transfer to configured remote targets with automated transfer windows and upload log visibility
  • Platform backup for the orchestrator itself — full disaster recovery of the backup system
Backup — Dashboard
42
Devices
40
Success
1
Failed
1
Pending
Device Backup Summary
PE1-CORESUCCESS
BRANCH-07FAILED
FW-NORTHPENDING
⚖️

Randomize Function: When scheduling fleet-wide backups, Sentral automatically groups devices and staggers execution — preventing the simultaneous device connection storm that crushes network bandwidth and CPU when all backups fire at 22:30.

📅
Automated Scheduling

Daily, weekly, or monthly schedules applied per device or fleet-wide. Enable/disable, edit, reload, or delete schedules quickly. Spread execution prevents backup storms.

🔄
Live Activity Tracking

Backup activity view updates continuously with outcomes. Open detailed run logs for troubleshooting failed backups. Clear visibility into current and recent backup health.

📂
Snapshot Library

Per-device backup history with newest snapshot highlighted. Actions: download, preview, compare, restore, delete. Older backups expandable on demand.

🔎
Config Comparison

Side-by-side diff of selected backup versions. Quickly spot exactly what changed between snapshots to validate expected vs. unexpected configuration drift.

Integrity Validation

Backup files validated automatically after capture. Integrity failures surfaced prominently. Failed integrity checks trigger immediate attention — no silent corruption.

☁️
Offsite Protection

Configure remote offsite targets and automated transfer windows. Upload log provides visibility and troubleshooting capability. Platform backup supports orchestrator-level DR.

Backup — Technical Details

CapabilityTechnical Detail
Device SupportMulti-vendor device families supported in a single inventory. Add via UI or bulk CSV import/export. Per-device and fleet-wide run-now capability. SSH key lifecycle management for device authentication.
Scheduling EngineDaily, weekly, and monthly recurrence options. Apply schedule to single device or all devices simultaneously. Randomize/Spread function groups devices and staggers execution start times to distribute load across backup windows.
Integrity ValidationEach captured backup file validated post-collection. Integrity check failures surface prominently in dashboard KPI cards and device backup summary. Prevents silent backup corruption from creating false confidence.
Snapshot LibraryPer-device versioned backup history. Actions per snapshot: download (raw config file), preview (in-browser), compare (diff against another version), restore (push to device), delete. Failure acknowledgment workflow clears reviewed items without deleting history.
Comparison EngineSide-by-side diff visualization of two selected config snapshots. Highlights added, removed, and changed lines. Supports pre/post change validation and unexpected drift detection.
Restore WorkflowSelect a known-good backup from the library and push directly to the supported device. Restore action captured in audit log with operator, timestamp, device, and version reference.
Audit LogImmutable action trail covering: download, delete, restore, acknowledgment, schedule create/edit/delete, settings changes. Downloadable audit report for compliance review and governance accountability.
Offsite TransferConfigure remote offsite storage target and automated transfer window. Maintains upload log per transfer cycle for visibility. Extends resilience beyond local snapshot storage.
NotificationsPer-backup event notifications. Per-schedule-cycle summary email. Daily aggregate summary. Test-email action for delivery validation. Centralized recipient management.
Platform BackupFull orchestrator/platform backup package creation. Supports complete disaster recovery of the Sentral Backup system itself. Independent of device-level backup operations.

Who Uses Backup

Network Ops Engineer

Monitors dashboard each morning, triages failed backups, reruns affected devices, and uses activity logs to pinpoint failure reasons — often before operators are aware of an issue.

NOC Supervisor

Applies standardized schedules across all devices fleet-wide. Uses the Randomize function to keep backup windows stable without requiring manual per-device timing management.

Change Manager

Uses pre-change and post-change snapshot comparison to validate that only expected configuration changes were applied — and rolls back immediately if unexpected drift is detected.

Compliance Analyst

Exports audit logs monthly for compliance evidence. Verifies who downloaded, deleted, or restored configurations and at what time — for regulatory and governance requirements.

Infrastructure Manager

Enables offsite sync and daily summary emails. Tracks overall backup coverage and reliability across the team for reporting to leadership and SLA accountability.

IT Director

Reviews summary metrics and failure trend visibility to assess operational resilience. Uses the data to support policy decisions around backup SLAs and recovery time objectives.

MODULE 02b — INTERFACE TRAFFIC GRAPHING & TREND INTELLIGENCE
📈 Health Graphs
Monitor. Compare.
Detect. Act Faster.

Sentral Health Graphs gives network teams a single operational graphing layer to monitor, compare, forecast, and act faster across real-time and historical network behavior — answering three questions instantly: what is happening now, is it normal, and where should we act first.

LIVE+ Historical
4Compare Modes
TRENDDeviation Alerts
DAILYAuto Reports
 Pinned Graphs — Live View
Sentral Graphs Dashboard

Three Operational Questions Answered

Every graph view in Sentral is designed to drive a decision, not just display data.

01
What is happening right now?

Pinned interface graphs give instant visibility into live throughput and utilization across your most critical links — no navigation required.

02
Is this behavior normal or drifting?

Trend deviation tracking continuously compares actual traffic against expected baselines, surfacing warning and critical states before users report problems.

03
Where should we act first?

Operational insight feeds — top utilization, error counts, flap events, and queue drops — direct attention to the interfaces that need it most.

Five Dedicated Graph Workspaces

📌
Pinned Graphs View

Operators pin business-critical interfaces to a dedicated workspace for continuous monitoring. Eliminates repeated navigation — your most important links are always one click away.

⚖️
Compare View

Side-by-side or baseline analysis across interfaces and time periods. Four analysis styles: Absolute, Relative (Own Max), Relative (Pair Max), and Overlay. Save comparisons to archive for evidence and audit.

📉
Trend Tracking View

Anomaly and deviation surveillance with continuous baseline comparison. Warning and critical thresholds surface drops and spikes before they escalate. Day-baseline comparison for business-cycle variance detection.

🗂️
Long-Term & Archive Views

Configurable retention with long-range historical graphing for capacity planning and performance reviews. Archive view stores saved snapshots and comparisons — downloadable for incident reports and governance.

The Compare Function

Teams often lose critical time determining whether a traffic shift is normal, change-related, or incident-driven. The Compare function provides immediate visual and metric-based confirmation — turning analysis from a manual investigation into a fast, repeatable workflow.

Comparison Modes
PAIR
Interface vs Interface

Compare two pinned interfaces over the same time window to identify load imbalances, routing asymmetry, or capacity differences between links.

DAY
Interface vs Prior Day

Compare one interface against a selected prior day aligned to the same time window. Detects abnormal variance tied to business cycles, maintenance changes, or recurring events.

Analysis Styles
Absolute — Raw traffic for true load comparison
Relative (Own Max) — Pattern comparison normalized per-interface peak
Relative (Pair Max) — Common-scale comparison for balanced interpretation
Overlay — Single-chart combined view for fast drift and divergence detection
Compare Workflow
01
Open Compare workspace
02
Select Pair or Day scope
03
Choose interface(s) and time period
04
Select analysis style
05
Review curves, peaks, and deltas
06
Save to archive for evidence

Graphs — Technical Details

CapabilityTechnical Detail
Graph TypesLine charts for inbound/outbound traffic rates. Metrics: throughput (Mbps/Gbps) and utilization (%). Both perspectives available per interface for correct load interpretation.
Time WindowsShort to long-horizon views — hourly through monthly. Configurable granularity for long-term retention. Both burst issue detection and slow drift visibility in one workflow.
Pinned WorkspaceOperators pin business-critical interfaces to a persistent workspace. Pinned interfaces always accessible without re-navigation. Selected interfaces auto-included in daily graph report emails.
Compare — Pair ModeTwo pinned interfaces compared over identical time windows. View as Absolute (raw load), Relative/Own Max (per-interface normalized), Relative/Pair Max (common scale), or Overlay (single combined chart).
Compare — Day ModeSingle interface compared against a user-selected prior reference day, time-aligned to the same window. Detects variance tied to business cycles, maintenance windows, or recurring traffic events.
Trend DeviationContinuous baseline tracking per interface. Threshold states: Normal / Warning / Critical. Deviation triggered by both spikes and drops. Day-baseline comparison for business-cycle anomaly detection.
Insight FeedsGraph workspace supported by linked analytics: uptime trend, top utilization ranking, error counter trends, interface flap events, and queue-drop visibility for faster root-cause direction.
Archive & RetentionGraph snapshots and compare results saved to archive. Configurable long-term retention for historical analysis. Snapshots downloadable as evidence artifacts for incident reviews and governance reporting.
Daily Report DeliverySelected interfaces auto-included in scheduled daily graph email summaries. Supports stakeholder visibility without requiring dashboard access. Delivery alongside Health module PDF reports.
📌
Pinned Interface Workspace

Pin critical interfaces for persistent monitoring. No repeated navigation — your most important links visible at all times in a dedicated graph workspace.

🔀
Multi-Mode Traffic Views

Switch between throughput (Mbps/Gbps) and utilization (%) perspectives. Each mode gives a different interpretation lens for load across diverse interface types.

⚖️
Compare Function

Interface-vs-interface and day-vs-day comparison across four analysis styles. Validates changes, confirms incidents, and supports capacity assumptions with visual evidence.

🎯
Trend Deviation Tracking

Continuously tracks actual vs. expected behavior. Warning/critical deviation states surface drops and spikes early. Day-baseline mode detects business-cycle-driven anomalies.

📦
Graph Archive Management

Saved snapshots and comparison results stored and downloadable. Provides evidence artifacts for post-incident reviews, stakeholder reports, and audit documentation.

📧
Daily Report Distribution

Pinned interfaces auto-included in scheduled daily graph email summaries. Stakeholder visibility without dashboard access — delivered alongside Health PDF reports.

What Graphs Produces

Live & Historical Traffic Graphs — Real-time and retained traffic data across short and long time horizons for any pinned interface.
Trend Deviation States — Normal / Warning / Critical indicators per interface based on continuous baseline comparison.
Day-over-Day Variance — Aligned comparison against a prior reference day to identify business-cycle and event-driven anomalies.
Archived Compare Snapshots — Downloadable visual evidence of before/after traffic states for incident documentation and audits.
Daily Graph Email Summaries — Automated stakeholder delivery of selected interface graphs without requiring dashboard access.
Supporting Health Indicators — Uptime trend, top utilization ranking, error counters, flap events, and queue-drop visibility linked to graph context.
💡

Business Value: Sentral Health Graphs delivers faster incident triage through consolidated graph intelligence, earlier risk detection via trend-based deviation signals, improved capacity planning using retained long-term traffic behavior, and reduced manual reporting burden with automated daily graph delivery and shareable visual evidence for cross-team communication.

Who Uses Graphs

NOC Engineer

Pins critical WAN and core interfaces. Uses trend deviation alerts as early warning before users report degradation. Opens compare mode during incidents to confirm whether behavior is change-related or anomalous.

Network Ops Lead

Uses day-compare mode to validate post-change traffic normalization. Runs pair compare on redundant links to confirm load balancing is working correctly after routing changes.

Performance Engineer

Uses long-term retention and historical views to identify utilization growth trends across key interfaces. Builds the data case for capacity upgrades with archived evidence from sustained peak periods.

Service Owner

Receives daily graph email summaries for business-critical links without requiring direct dashboard access. Uses archived compare snapshots as evidence in service review and SLA documentation.

Change Manager

Runs before/after compare immediately following a change window. Confirms traffic returned to expected baseline or escalates if divergence is detected. Saves comparison as change evidence artifact.

IT Director

Reviews daily graph summaries to track network utilization trends over time. Uses capacity planning data from long-term views to justify infrastructure investment decisions to leadership.

GET IN TOUCH — NETPIVOT
✉️ Contact Us
We're Here to
Help You.

Whether you need support, want to request a demo, or have a question about Sentral — our team is ready. Use the chatbot below for instant answers, or reach us directly via the contact details provided.

📧 General Enquiries
contact@netpivot.co.za
🎯 Request a Demo
demo@netpivot.co.za demo@netpilot.co.za
🛠️ Technical Support
support@netpivot.co.za support@netpilot.co.za
A product by
NETPIVOT
"Real engineers. Real networks. Real solutions."
🤖
Sentral Assistant
● ONLINE — Ask me anything about Sentral
🤖

Hi! I'm the Sentral Assistant. I can answer questions about Sentral's modules — Pulse, Health, SmartLog, Backup, and Graphs. What would you like to know?