Page Comparison

Log in PureInsight

Interactive Search (Refer to Interactive Search)

Check node details

Double-click neighbors to fill out Inline Search criteria (Refer to Graph Properties/Rules)

Run Search

Change the graph layout to see the network toptalkers

Slide the “Current Devices Shown” slide

Change Packet Display Limit

Search with Inline Seach: udp

Click the “Result” button to download the output PCAP file

Open the file on Wireshark to do further investigation

Click the “Reports” button to download the node reports CSV

Usage Analysis (Refer to Usage Analysis)

Change Stream Display Limit

Hover over a host to see the detailed information

Change the stream layout

Click the “Export CSV” button to download the file

From the tooltip, click the “Search” button and the page will direct users to Interactive Search

Inline Search is filled with information

Run the Interactive Search

Interactive Search

Malicious Nodes have a red blur (Refer to Malicious Nodes)

Change the graph layout to the “List”

Click Malicious node IP Address to see detailed information on the Cisco Talos page

Start capturing network data on QManager (Refer to Capture)

Go to the Monitoring dashboard on PureInsight

See the live performance of the packet capture

Save the graph image

Set filter alerts in Alerts (Alerts )

Traffic the capture on the QP series

Check the alert graph and zoom in on the spike

Hover over the top portion of the spike and see the timestamp

Search before and after time in Interactive Search (To extract the data)

Inspect more in Flow Analysis

Download a PCAP file