How are "talkers" and "listeners" defined

Q. How do you define what is classed as a "talker" and a "listener" in IMFlows?

A. When a CISCO or other flow exporter reports on a 'flow', there is indicated a sending IP address and a destination IP address, a packet count, and a byte count. If looking for 'talkers', Flows counts the bytes (and packets) towards the sending IP address; if looking for 'listeners', Flows count them towards the destination.

In a bilateral session scenario, we might see something like:
A.B.C.D -> 1.2.3.4 5 pkts 100 bytes
1.2.3.4 -> A.B.C.D 7 pkts 120 bytes

In this case, looking at 'talkers', we'd see:
A.B.C.D 5 pkts 100 bytes
1.2.3.4 7 pkts 120 bytes

Looking at listeners we'd see:
1.2.3.4 5 pkts 100 bytes
A.B.C.D 7 pkts 120 bytes

In the 'both' case:
1.2.3.4 12 pkts 220 bytes
A.B.C.D 12 pkts 220 bytes

How are "talkers" and "listeners" defined

+1 800-328-1000

[email protected]

Infrastructure Protection & Data Security

Managed Security Services

Automation

IBM i