The filtering capabilities in the Interactive Search feature offer users a powerful way to analyze and visualize traffic data.
...
Shortcodes
Commonly used filter syntax templates are pre-defined and saved here. Click the Shortcodes field to use, edit, and delete these shortcodes.
...
The Payload Expression field contains the word “content”. Search returns only those packets whose payload data contains the word “content”. Payload expressions accept either plain strings made up of the characters a-z, A-Z and 0-9, or regular expressions (RegEx).
Examples of regular expressions:
Type of Data | Example | Regular Expression |
---|---|---|
Phone Number (US) | 800-999-0165 | [0-9][0-9][0-9]-[0-9][0-9][0-9]-[0-9][0-9][0-9][0-9] |
Date Format | Thu, 07 Sep 2023 14:33:15 | Thu, (([0-2][0-9])|3[0-1]) Sep 202[0-3] [0-2][0-4]:[0-5][0-9]:[0-5][0-9] |
HTTP Code | HTTP/1.1 200 OK | HTTP/[0-1].[0-1] 200 OK |
HTTP Code | HTTP/1.1 304 | HTTP/[0-1].[0-1] 30[0-9] |
HTTP Code | HTTP/1.1 403 | HTTP/[0-1].[0-1] 40[0-9] |
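The table's date and HTTP 200 patterns run over constructed payload bytes next to tightened variants, as an added example that is not part of the product documentation. It assumes the search engine treats character classes, alternation and an unescaped `.` the way Python's `re` does; `TABLE`, `STRICT`, `PAYLOADS` and `matching` are names made up for this sketch.

```python
import re

# Patterns copied from the table above.
TABLE = {
    "date": r"Thu, (([0-2][0-9])|3[0-1]) Sep 202[0-3] "
            r"[0-2][0-4]:[0-5][0-9]:[0-5][0-9]",
    "http_200": r"HTTP/[0-1].[0-1] 200 OK",
}

# Tightened variants (assumption of this example, not the vendor's patterns):
# the hour field covers 00-23, the day field 01-31, and the dot is escaped.
STRICT = {
    "date": r"Thu, (0[1-9]|[12][0-9]|3[01]) Sep 202[0-3] "
            r"([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]",
    "http_200": r"HTTP/[0-1]\.[0-1] 200 OK",
}

# Constructed sample payloads, standing in for captured packet data.
PAYLOADS = [
    b"HTTP/1.1 200 OK\r\nDate: Thu, 07 Sep 2023 14:33:15 GMT\r\n",
    b"HTTP/1.1 200 OK\r\nDate: Thu, 07 Sep 2023 19:05:41 GMT\r\n",
    b"GET /img/HTTP/1x1 200 OK.png HTTP/1.1\r\nHost: example.test\r\n",
]


def matching(pattern: str) -> list[int]:
    """Return the indexes of the sample payloads the pattern selects."""
    rx = re.compile(pattern.encode("ascii"))
    return [i for i, payload in enumerate(PAYLOADS) if rx.search(payload)]


if __name__ == "__main__":
    for name in TABLE:
        print(f"{name:9} table={matching(TABLE[name])} "
              f"strict={matching(STRICT[name])}")
```

The table's hour class `[0-2][0-4]` skips any hour whose second digit is 5-9, so the 19:05:41 response is missed, and the unescaped `.` lets the request line containing `HTTP/1x1 200 OK` through as if it were a status line.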
Filter
Shows all the nodes, or only 10% of the traffic with the nodes that have the largest number of packets.
...
Top Talkers iterates through the top talkers.
Searched Nodes iterates through nodes you’ve double-clicked.
IP Highlight iterates through highlighted nodes.
150+ Supported protocols, including:
ARP, ATM, ASTERIX, AR_DRONE, BGP, BITCOIN, BITTORRENT, BOOTP, BMC, CFLOW, CUPS, DHCP, DIAMETER, DNS, EIGRP, ERSPAN, FC, FCOE, FTP, GPRS, GRE, GTP, GTPV2, H.265, H.323, HDFS, HTTP, HTTP2, HTTPS(SSL), ICMP, IGMP, IRC, ICMP/V6, IP, IPV6, ISCSI, LAPD, LDAP, LLC, MAC, M3UA, MMS, MQTT/SN, MPLS, NETBIOS, NFS, NTP, NSTRACE, OPENFLOW, OSPF, PTP, POP, PPPOE, QUIC, RANAP, RPC, RSS, SSL, SCTP, SDH, SFLOW, SIP, SKYPE, SMB, SMTP, SNMP, SSH, STP, SYSLOG, TACACS, TACPLUS, TCP, TFTP, TLS, UDP, UDPENCAP, USERLOG, VLAN, VNC, VTP, WEBSOCKET, WLAN, WOL, WMX, X11, X.509, XML, YAML, YPBIND
...