
Interactive Search

Work Flow
  1. Log in to PureInsight

  2. Interactive Search (Refer to Interactive Search)

  3. Check node details

  4. Double-click neighbors to fill out Inline Search criteria (Refer to Graph Properties/Rules)

  5. Run Search

  6. Change the graph layout to see the network top talkers

  7. Slide the “Current Devices Shown” slider

  8. Change Packet Display Limit

  9. Search with Inline Search: udp

  10. Click the “Result” button to download the output PCAP file

  11. Open the file in Wireshark to do further investigation

  12. Click the “Reports” button to download the node reports CSV

...

Usage Analysis

Work Flow
  1. Usage Analysis (Refer to Usage Analysis)

  2. Change Stream Display Limit

  3. Hover over a host to see the detailed information

  4. Change the stream layout

  5. Click the “Export CSV” button to download the file

  6. From the tooltip, click the “Search” button; the page redirects to Interactive Search

  7. Inline Search is pre-filled with the host's information

  8. Run the Interactive Search

...

Malicious Nodes

Work Flow
  1. Interactive Search

  2. Malicious Nodes have a red blur (Refer to Malicious Nodes)

  3. Change the graph layout to “List”

  4. Click the malicious node's IP address to see detailed information on the Cisco Talos page

...

PCAP Monitoring

Work Flow
  1. Log in to QManager and start capturing network data (Refer to Capture)

  2. Go to the Monitoring dashboard on PureInsight

  3. See the live performance of the packet capture

  4. Save the graph image

...

VLAN Strip

...

VLAN Strip Inner IP Outer ETH

...