Interactive Search

 Work Flow
  1. Log in to PureInsight

  2. Interactive Search

  3. Check node details

  4. Double-click neighbors to fill out Inline Search criteria

  5. Run Search

  6. Change the graph layout to see the network top talkers

  7. Slide the “Current Devices Shown” slider

  8. Change Packet Display Limit

  9. Search with Inline Search: udp

  10. Click the “Result” button to download the output PCAP file

  11. Open the file in Wireshark to do further investigation

  12. Click the “Reports” button to download the node reports CSV

interactive search.mp4

Usage Analysis

 Work Flow
  1. Usage Analysis

  2. Change Stream Display Limit

  3. Hover over a host to see the detailed information

  4. Change the stream layout

  5. Click the “Export CSV” button to download the file

  6. From the tooltip, click the “Search” button and the page will direct users to Interactive Search

  7. Inline Search is filled with information

  8. Run the Interactive Search

usage analysis.mp4

Malicious Nodes

 Work Flow
  1. Interactive Search

  2. Malicious Nodes have a red blur (Refer to Malicious Nodes)

  3. Change the graph layout to the “List”

  4. Click Malicious node IP Address to see detailed information on the Cisco Talos page

malicious nodes.mp4

PCAP Monitoring

 Work Flow
  1. Log in to QManager and start capturing network data (Refer to Capture)

  2. Go to the Monitoring dashboard on PureInsight

  3. See the live performance of the packet capture

  4. Save the graph image

pcap monitoring.mp4

VLAN Strip

vlan strip.mp4

VLAN Strip Inner IP Outer ETH

vlan strip inner ip outer eth.mp4
