kentik Product Updates logo
Back to Homepage Subscribe to Updates

Product Updates

Latest features, improvements, and product updates on Kentik's Network Observability platform.

Labels

  • All Posts
  • Improvement
  • Hybrid Cloud
  • Core
  • Service Provider
  • UI/UX
  • Synthetics
  • Insights & Alerting
  • DDoS
  • New feature
  • BGP Monitoring
  • MyKentik Portal
  • Agents & Binaries
  • Kentik Map
  • API
  • BETA
  • Flow
  • SNMP
  • NMS
  • AI

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • July 2021
  • June 2021
  • May 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • October 2020
  • September 2020
  • June 2020
  • February 2020
  • August 2019
  • June 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • September 2018
  • August 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • April 2016
ImprovementSyntheticsNew feature
4 years ago

Synthetic Monitoring: November/December 2020 Update

Driven by strong interest since its launch a couple of months ago, our Synthetics Monitoring product added a slew of new features that are sure to delight. Here is a summary of the significant additions and changes that happened over the months of November and December 2020.


Web - HTTP Server Test

The new HTTP Server Test allows you to quickly set up an HTTP GET style test to a web server and optionally run ping tests towards the resolved IP address. Depending on whether you are a network engineer mainly interested in whether a server is reachable or an application engineer interested in the specifics of what is causing an application to be unresponsive, we’ve got you covered with custom HTTP error codes. Any error codes you specify will be treated as a “pass” if returned by the web server.


Test results for the HTTP Server Test show the status code and the average time to last byte metrics, and the response size so you can spot anomalies in the amount of data returned from the requests.

DNS - Server Monitor Test

The new DNS Server Monitor Test allows you to test the performance of one or more DNS servers associated with a hostname.

Test results show you the resolution time and any returned results (NS, MX, A, AAAA records…).

Traceroute-based Network Path View

The traceroute-based network path view is a beautiful traffic visualization as it flows from your test points (agents) to specific endpoints (IP hosts, web servers, DNS servers or even other agents). It shows a hop by hop view and makes it very easy to quickly dig down to the root of the problem that is causing performance problems in your network and impacting your end-users’ experience with your applications.

  • View hop-by-hop path from source to destination, with nodes color-coded to reflect the Autonomous System (AS) of which they are part.
  • Highlight links that exceed a certain latency and nodes that exceed a certain loss to narrow down the problem and then filter down to specific agents to reduce the amount of traces and easily find the problem’s source.
  • Use the traceroute explorer to quickly identify changes in AS_Path and the number of hops that may be impacting performance.
  • Collapse nodes down to Autonomous Systems (ASNs) to quickly know which specific network the problem may be.
    • Click on any node to view detailed information including, AS name and number, geo-location, ingress and egress interface type, utilization and capacity.

Alert Incident Log

Alerts can be configured per test while creating tests and will show up in the new Incident Log on the Performance Dashboard.

  • Select a time range and then hover over a specific time slice to see a summary count and any alerts opened during the selected time slice
  • Quickly zoom in on active alerts and follow the links to the specific test
    • For cleared alerts, the start and end times are displayed

Alerts are triggered based on preset or user-defined test health criteria (for warning, critical states) and based on user-defined alert policies that can be configured per test.

Alert Notifications (Email, Slack and more)

Get notified as soon as an alert is fired via email, Slack or your notification system of choice through a custom webhook.

Configurable Test Health Thresholds

Different applications have different requirements for performance. Some may be more tolerant towards jitter while others may not. Configurable threshold for packet loss, jitter, latency, and time to last byte allows you to control what is considered a healthy or an unhealthy test result.

PDF Exports

Easily export data from the Performance Dashboard, the Test Control Center and the Agent Management page. Exporting as a PDF runs in the background and notifies you through a banner.


Autonomous Testing Enhancements

Autonomous tests are a Kentik-unique concept that free you from the burden of identifying specific destination IP addresses and setting up tests one by one by leveraging real flow data to find, automatically set up and periodically refresh network tests.

You start by picking a specific type of entity (ASN, CDN, country, region or city) that you would like to test performance towards. Kentik shows you a list of entities of a specific type, ordered by the amount of traffic you have going towards it.

Selecting an entity (like an ASN or CDN) starts to run a query automatically for the top sites with traffic towards that entity. Testable sites without agents have a recommendation to “Add Agent.”

Get a quick description of the test by clicking the help link.

Dynamic Flow (Real Traffic) Charts in Test Details

The static sparklines representing the correlated flow traffic in the synthetics test details pages are now dynamic and interactive to allow for a more straightforward correlation of spikes to real traffic. Inbound and outbound traffic now span the entire horizontal space and are arranged one above the other to improve usability.


Avatar of authorSunil Kodiyan
ImprovementHybrid CloudKentik Map
4 years ago

Hybrid Maps Support for Path Visualization

Hybrid Maps now supports path visualization in all of our layouts. With Hybrid Maps, NetOps teams gain an immediate and single, unified view to understand topology state, traffic flows, network performance and device health status within and between multi-cloud, on-prem and internet infrastructures.

To see the new path visualization, apply a sidebar filter to express the traffic you want to see visualized in the maps.

Sidebar filter showing SSH traffic to/from an IP address
Avatar of authorChristoph Pfister
CoreNew featureAgents & Binaries
4 years ago

Introducing Kentik Firehose

The Kentik Network Observability Platform provides the most comprehensive data across all public, private, and hybrid networking environments, including flow records, streaming telemetry, SNMP data, device configurations, and synthetic performance metrics. 

With Kentik Firehose, you can now send all this data from Kentik into your application monitoring tools (e.g., New Relic, Splunk, InfluxDB, Elasticsearch, AWS S3, etc.), and publishing platforms (e.g., Kafka, AWS Kinesis, Google Pub/Sub, etc.).

For further information see the Kentik Firehose Solution Overview. 


Firehose closes the network observability gap and lets you uncover insights, and effectively troubleshoot your apps with full context and data about your networks included in the tools you use.

Firehose exports enriched network traffic data to your analytical systems

Examples of exportable data include:

  • Flow data from NetFlow, sFlow, IPFIX
  • VPC flow logs from all major public clouds
  • Streaming telemetry from all major vendors (Juniper, Cisco, Arista)
  • SNMP device metrics (CPU, memory, network interface)
  • Synthetic measurements
  • Internet, ISPs, CDNs
  • Correlated and context enriched data from the customer’s application, infrastructure, geo-location, business environment, and other customer-defined dimensions

Data formats include:

  • Output formats: JSON, NetFlow, AVRO, InfluxDB line protocol, Prometheus endpoint
  • Compression algorithm: none, gzip, snappy, null, deflate
  • Data sinks: .Net, Kafka, Kentik, stdout, file, New Relic, HTTP, Splunk, and more coming
  • Rollups groups: type, metric, dimension 1, dimension 2, …, dimension n.
  • Filters: string, src_addr, ==, 12.0.1.2

Customers are using Kentik Firehose to:

  • Troubleshoot performance in complex application environments. Network data from Kentik allows teams to understand application performance in context.
  • Combine network and infrastructure data all in one place for analysis and storage. IT teams use Firehose to send data to other systems like data lakes, with formats like JSON and AVRO. This data enables more cost-effective storage and the ability to perform complex analysis, with the data all in a single place.
  • Enhance cross-domain analytics to detect threats. Security and risk management teams can correlate Kentik’s Firehose data to rapidly detect, analyze, investigate, and actively respond to threats. Using data like geolocation and network flow allows for a better understanding and easier identification of threats.


Avatar of authorDuĊĦan Pajin
ImprovementCore
4 years ago

Site, Device & Interface Settings screen additions

Site IP Classifications

Site IP Classification provides a way to define what site traffic originates from or what site traffic terminates to. This is particularly useful for our enterprise network customers to be able to track which data centers, branch offices, infrastructure hosts, or even employees are utilizing the network.

The configuration of this mapping is in the Manage Sites page in the settings.

In the following dialog, provide a comma separated list of IP CIDRs of the appropriate networks that are located at a particular site. Doing this configuration will tag each of your traffic flows with the appropriate values in the following dimensions:

  • Site by IP: The site name based on the site IP mapping
  • Site Type by IP: The site type (Data Center, Cloud, Branch/Building, Connectivity PoP, Customer/Partner, Other) based on the Site IP Mapping
  • IP Type (to be released soon): The IP Type (Infrastructure Networks, User Access Networks, Other IPs) based on the Site IP Mapping

New Settings Details Sidebar

Usability and design are very important to us at Kentik. We constantly look for ways to improve the readability and utility of the information that is presented. More importantly, we respond to our customer feedback. We have updated the design of a few of our most-used setting pages to provide a cleaner and more organized presentation of the most important aspects of your network — Interfaces and Devices. Take a look and let us know what you think by submitting your input via the “Feedback” link at the top right of the Kentik window.



Avatar of authorGreg Villain
ImprovementHybrid CloudCoreKentik Map
4 years ago

Hybrid Network Visibiity: October 2020 Update

sFlow Improvements For Visibility

We have identified a way for customers who run the sFlow protocol to achieve the benefits and visibility offered by Hybrid Maps and other portions of the product. sFlow sends Kentik per-flow byte counts attributed to physical interfaces, while most network operators configure IP addressing logical sub-interfaces. This leads to a disjointed experience in Kentik as our mapping services draw connections between devices based on the interface ID, where we find IP addresses configured. The queries needed to understand the data flowing between the devices rely upon a completely different interface ID.

To support this situation, users must supply a manual mapping of interface IDs to VLAN interface IDs. We have developed example code on how this can be automated using Juniper devices interface and VLAN names. Before running the code, the user will also need to configure the device using the new “Advanced sFlow” device type. Once the device has been modified, and a map supplied, the user can make use of three new dimensions:

  • Source Physical Interface and Destination Physical Interface — the original physical interface index sent via sFlow. This is useful for filtering and grouping by the physical interface. It is also helpful for auditing the remapping correctness.
  • VLAN Rewrite Occurred — the number of interface rewrites that occurred for this record. This is useful troubleshooting.
Users can take advantage of three new dimensions for remapped sFlow devices.


Layer 2 Support on Hybrid Maps

A new selector is available on the Hybrid Network Maps to select how Kentik draws connections between devices. Users can now choose to draw connections using layer 2, layer 3 or both.

Layer 2 connectivity requires that users run the LLDP protocol and allow Kentik to poll this data over SNMP. We will then find matches that only exist at layer 2.

An example of the Kentik demo system infrastructure when only displaying layer 2 connections.

Layer 3 connectivity was supported previously. Device adjacencies are determined by finding IP addresses that share a subnet smaller than a /24. We create matches for site-to-site adjacencies with the following connectivity types: Backbone, Data Center Interconnect and Device Aggregation. For device adjacencies in the site layouts, connections are displayed between devices sharing a subnet as long as the connectivity type is not configured as “Host.”

An example of the Kentik demo system infrastructure when only displaying both layer 2 and layer 3 connections.

This metadata is also visible on the interface admin page:

The metadata used to support layer 2 and layer 3 for Hybrid Maps can be displayed on the interface admin page.

New Onboarding Options

We are continuing to improve onboarding options to give customers and prospects more flexibility in learning about and evaluating Kentik. We now have separate paths for customers interested in flow, synthetics or a guided demo mode. The options will appear clearly on the revised onboarding page.

We have started to add guided, in-product demos of real-world use cases. We are starting with two different situation demos: 1. Troubleshoot VPN Issues or 2: Manage Network Costs. We expect to add an expanding list of use case situations over time.

For Kentik users onboarding, we have introduced a new guided demo mode for specific use cases — troubleshooting VPN issues, in this case.
Avatar of authorChristoph Pfister
ImprovementSynthetics
4 years ago

Synthetic Monitoring: October 2020 Update

Kentik's Product and Engineering teams are at it again this October 2020: a whole batch of new features have been delivered to delight our Synthetic Monitoring users - test configuration options got extended to allow the following

  • we added 1 second test frequencies
  • IPv4/v6 granular test configs
  • new Network Test protocol choices

Read on and enjoy!


Testing Frequency

Kentik has introduced new testing frequency options that range from every 15 seconds down to every second. Furthermore, we have structured pricing for sub-minute synthetic tests to be very attractive. Kentik asks, “Your traffic is continuous, so why isn’t your synthetic testing?”

For the first time in the industry, Kentik makes synthetic testing practical for mission-critical applications such as machine, factory and warehouse automation, where high-frequency testing is required, missing nothing.

Only Kentik makes continuous synthetic testing affordable. Continuous testing is critical for latency-sensitive use cases such as machine automation.


Per Test Configuration Options

We’ve added new options under the Advanced menu when creating new tests. Users can increase the number of probes sent per test (to gather more data points) or dial it down (to prevent flooding the network).

When editing in Test Control Center, the Advanced Options menu has several new options.

IPv4/v6

Users can now control whether a test will target both IPv4 and IPv6 addresses or just one type. This is particularly useful in Hostname and Autonomous tests, where we find a mix of IPv4 and IPv6 addresses.

Users now have the option of controlling whether a test will target both IPv4 and IPv6 addresses.


TCP “Ping”

Choosing TCP (as an alternative to ICMP) at test creation time and specifying a destination port to test towards will result in a test that will send a certain number of TCP SYN probes and either expect a SYN-ACK or RST in response. This is currently only applicable to ping tests (not trace) and requires ksynth (agent) 0.0.6 or newer.

Users can choose TCP as an alternative to ICMP at test creation time.


Reverse Path for Site-Mesh tests

Hovering over a subtest in a site-mesh test will now show path metrics in both directions and highlight both tests.

Hovering over a subtest in a site-mesh test shows path metrics in both directions and highlights both tests.
Avatar of authorSunil Kodiyan
CoreNew feature
4 years ago

Audit Log is here


This feature exposes the current audit log, with some minor enhancements, to administrators of Kentik. Audit Log helps avoid configuration errors or confusion between administrators as they make changes to the various configurations in Kentik. Audit Log also provides a layer of accountability to prevent unauthorized changes that may impact the customer’s security posture. The ability to zero in on changes, find misconfigurations, and find root causes are typical benefits of Audit Log.


Avatar of authorGreg Villain
ImprovementMyKentik Portal
4 years ago

My Kentik Portal Custom Dimension Support

My Kentik Portal tenants are now able to partition flows across their tenants, leveraging custom dimensions. For example, this can be useful for tenants, provisioned on a layer two network, where their port’s MAC address uniquely identifies them.

Any number of Custom Dimensions are supported. Each Custom Dimension selection is OR’ed. This is supported via a User Filter. You can automatically replace filters in dashboards that match tenants’ custom dimension definitions to provide inbound and outbound dashboarding capabilities.

Avatar of authorGreg Villain
ImprovementInsights & Alerting
4 years ago

Interface Utilization Spike & Interface Utilization Drop Insights

Interface Utilization Spike and Interface Utilization Drop Insights are Kentik Insights that automatically analyze interface utilization changes via the SNMP interface input bit rate. An Insight is fired when it detects a particular pattern of utilization.

Additionally, we have developed an algorithm that processes flow data associated with this interface and finds the best fitting root cause of the spike/drop. This Kentik Insight brings together SNMP interface metrics with Flow traffic. And our first Insight does two layers of algorithms.

Avatar of authorJoe Reves
ImprovementHybrid Cloud
4 years ago

AWS Cloud Observability Enhancements


  • As suggested by several users, we’ve added the AWS Interface ID back into the platform for use in the Data Explorer, Dashboards, and Alerting. This is useful for users that want to filter their views to zoom in traffic that flows through specific Elastic Network Interfaces (EINs), such as load balancers, ingest nodes, or VPN/Internet gateways.
  • We’ve added support for the AWS V4 VPC Flow Log format. This log format allows users to specify new fields and create customized export templates.
Avatar of authorChristoph Pfister