Graph Layouts
Interactive Search can display 5 different graphs.
...
Default State | Double Clicked Nodes | Hovered | IP Search Highlight | MAC Address Match |
|---|---|---|---|---|
  |   |   |   |  |
Some nodes will have a blue or a red orange look. Blue links are multicast, orange are broadcast. Multicast if first 8 bytes of IP are between 233 and 239 exclusive. Broadcast if any IP segment is 255. | Double clicked Nodes will show all neighboring nodes and links in green (regardless if multi/broad cast). The node’s stroke (border) will be black. Double clicked nodes will have a green blur around the node and text. Double clicking an already searched node will change to default styling. | Neighboring nodes and links have a darker stroke. | The input is based on regex, so if the input is 10.5, nodes with *10.5* should be rectangles, and the IP label has a orange blur. Neighboring nodes and links that have been part of a double click search or a matched regex search, have a dashed and magenta stroke. | When hovering over a node, nodes with matching MAC addresses will be highlighted blue. |
Hovered Double click | Malicious Nodes | Overlap I | Overlap II |
|---|---|---|---|
  |  |   |
|
Neighboring nodes and links that have been part of a double click search or a matched regex search, have a dashed and magenta stroke. | Malicious Nodes are nodes that appear on the Talos IP list website. These are IP’s listed in pureinsight/data/ip_blacklist.csv These nodes have a red blur. The Tooltip of the node has a link to the Talos lookup page. It can also be seen in Layouts. | Sometimes many of the styling’s will overlap. At least one of the styling rules must be present if there are multiple matches on a node. | Sometimes many of the styling’s will overlap. At least one of the styling rules must be present if there are multiple matches on a node. |
...