Segmentation Monitoring enforces guardrails on the number of application mapped to a single compute (VM or IP) when displaying flows. If a source or destination compute is associated with multiple application , some may not be mapped to the flow. Consequently, the flow will not be visible within the flow details of those specific application.

SSP 5.1.0

Use the following commands to determine the maximum number of applications within a flow and identify any computes associated with more than 25 applications. Issues typically arise when a single compute belongs to more than 25 applications, or when the combined application count of both the source and destination computes exceeds 25.

(1) Use the following command to log into the druid broker pod

k -n nsxi-platform exec -it svc/druid-broker -- bash
Defaulted container "druid" out of: druid, wait-for-druid-s3-provisioning (init), init-conf (init)
druid@druid-broker-7bfbb4988d-rccrx:/opt/druid$

(1) Find maximum number of applications in a flow. If any of the counts exceeds 25, some applications may not display all the flows.

curl -ks -H 'content-type:application/json' https://localhost:8282/druid/v2/sql -d '{"query":"select max(MV_LENGTH(srcMonitoredApplicationIds)) as maxSrcMonitoredApplicationIds, max(MV_LENGTH(dstMonitoredApplicationIds)) as maxDstMonitoredApplicationIds, max(MV_LENGTH(unprotectedApplicationIds)) as maxUnprotectedApplicationIds, max(MV_LENGTH(additionalApplicationIds)) as maxAdditionalApplicationIds from correlated_flow_viz"}'

(2) If any of the application counts above exceeds 25, you may use the following to find source and destination computes that belong to more than 25 applications. 

curl -ks -H 'content-type:application/json' https://localhost:8282/druid/v2/sql -d '{"query":"select srcVmId,dstVmId, max(MV_LENGTH(srcMonitoredApplicationIds)) as maxSrcMonitoredApplicationIds from correlated_flow_viz group by srcVmId,dstVmId having maxSrcMonitoredApplicationIds>25"}'

curl -ks -H 'content-type:application/json' https://localhost:8282/druid/v2/sql -d '{"query":"select srcVmId,dstVmId, max(MV_LENGTH(dstMonitoredApplicationIds)) as maxDstMonitoredApplicationIds from correlated_flow_viz group by srcVmId,dstVmId having maxDstMonitoredApplicationIds>25"}'

curl -ks -H 'content-type:application/json' https://localhost:8282/druid/v2/sql -d '{"query":"select srcVmId,dstVmId, max(MV_LENGTH(unprotectedApplicationIds)) as maxUnprotectedApplicationIds from correlated_flow_viz group by srcVmId,dstVmId having maxUnprotectedApplicationIds>25"}'

curl -ks -H 'content-type:application/json' https://localhost:8282/druid/v2/sql -d '{"query":"select srcVmId,dstVmId, max(MV_LENGTH(additionalApplicationIds)) as maxAdditionalApplicationIds from correlated_flow_viz group by srcVmId,dstVmId having maxAdditionalApplicationIds>25"}'

(3) Use exit to exit the pod

druid@druid-broker-7bfbb4988d-rccrx:/opt/druid$ exit
exit

We recommend adhering to existing guardrails: each compute should belong to fewer than 25 applications, and the total number of applications in a single flow (including both source and destination) should not exceed 25.

If your requirements fall between 25 and 50 applications, you may also open a case with Broadcom support to discuss system tuning.