# Unusual Network Interface Traffic Volume

Detecting an unusual volume of traffic to or from a network interface is critical for maintaining network security and performance. Network interfaces serve as the points of communication between a computer and a network; therefore, monitoring the traffic passing through these interfaces is essential. Anomalies in traffic volume can indicate various issues, ranging from technical problems like network congestion or hardware malfunctions to security threats like Distributed Denial of Service (DDoS) attacks, unauthorized data exfiltration, or infiltration attempts. Early detection of these anomalies enables network administrators to quickly diagnose and address the underlying causes, thereby preventing potential network disruptions, data breaches, or performance degradation.

ElastiFlow provides a collection of anomaly detection jobs designed to identify unusual volumes of traffic to or from a network interface includes several targeted monitoring and analysis techniques.

## Attributes

| Attribute    | Information |
| ------------ | ----------- |
| **Analysis** | temporal    |

## Downloads

| Schema    | Direction   | Metric      | Link                                                                                                                                                                                            |
| --------- | ----------- | ----------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **CODEX** | **ingress** | **bytes**   | [elastiflow\_codex\_perf\_netif\_ingress\_thruput\_bytes](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/codex/performance/perf_netif_ingress_thruput_bytes.json)     |
| **CODEX** | **ingress** | **packets** | [elastiflow\_codex\_perf\_netif\_ingress\_thruput\_packets](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/codex/performance/perf_netif_ingress_thruput_packets.json) |
| **CODEX** | **ingress** | **flows**   | [elastiflow\_codex\_perf\_netif\_ingress\_thruput\_flows](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/codex/performance/perf_netif_ingress_thruput_flows.json)     |
| **CODEX** | **egress**  | **bytes**   | [elastiflow\_codex\_perf\_netif\_egress\_thruput\_bytes](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/codex/performance/perf_netif_egress_thruput_bytes.json)       |
| **CODEX** | **egress**  | **packets** | [elastiflow\_codex\_perf\_netif\_egress\_thruput\_packets](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/codex/performance/perf_netif_egress_thruput_packets.json)   |
| **CODEX** | **egress**  | **flows**   | [elastiflow\_codex\_perf\_netif\_egress\_thruput\_flows](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/codex/performance/perf_netif_egress_thruput_flows.json)       |
| **ECS**   | **ingress** | **bytes**   | [elastiflow\_ecs\_perf\_netif\_ingress\_thruput\_bytes](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/ecs/performance/perf_netif_ingress_thruput_bytes.json)         |
| **ECS**   | **ingress** | **packets** | [elastiflow\_ecs\_perf\_netif\_ingress\_thruput\_packets](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/ecs/performance/perf_netif_ingress_thruput_packets.json)     |
| **ECS**   | **ingress** | **flows**   | [elastiflow\_ecs\_perf\_netif\_ingress\_thruput\_flows](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/ecs/performance/perf_netif_ingress_thruput_flows.json)         |
| **ECS**   | **egress**  | **bytes**   | [elastiflow\_ecs\_perf\_netif\_egress\_thruput\_bytes](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/ecs/performance/perf_netif_egress_thruput_bytes.json)           |
| **ECS**   | **egress**  | **packets** | [elastiflow\_ecs\_perf\_netif\_egress\_thruput\_packets](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/ecs/performance/perf_netif_egress_thruput_packets.json)       |
| **ECS**   | **egress**  | **flows**   | [elastiflow\_ecs\_perf\_netif\_egress\_thruput\_flows](https://github.com/elastiflow/elastiflow_for_elasticsearch/raw/master/ml/ecs/performance/perf_netif_egress_thruput_flows.json)           |

By utilizing this suite of anomaly detection jobs, organizations can swiftly identify and investigate unusual traffic patterns on network interfaces. This prompt identification is crucial in taking immediate corrective actions, such as adjusting network configurations, enhancing security protocols, or resolving potential hardware issues. Effective monitoring and management of traffic to and from network interfaces are vital for ensuring network security, reliability, and optimal performance in an increasingly interconnected digital environment.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.elastiflow.com/data_platforms/elastic/ml/perf/netif_thruput.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.