Flow Analysis
PureInsight Flow Analysis is used to create network streams from PCAP files. Streams are plotted based on 5-tuple information, which contains source/destination IP, source/destination port, and timestamp extracted from each packet. Each stream is plotted as the number of packets (y-axis) versus time (x-axis).
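The grouping described above, as an added example (not PureInsight's own code): a minimal reader for a classic little-endian Ethernet pcap that keys each stream on source/destination IP and port and counts packets per time bucket. The function names, the `resolution_usec` bucket width and the sample capture are assumptions constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

def build_pcap(packets):
    """Constructed input: classic little-endian pcap holding Ethernet/IPv4/UDP frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts_usec, src, dst, sport, dport in packets:
        udp = struct.pack("!HHHH", sport, dport, 8, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + udp
        out += struct.pack("<IIII", *divmod(ts_usec, 10**6), len(frame), len(frame)) + frame
    return out

def read_packets(data):
    """Yield (ts_usec, src, dst, sport, dport) for each IPv4 TCP/UDP packet."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", data)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian Ethernet pcap")
    pos = 24  # skip the global header
    while pos + 16 <= len(data):
        sec, usec, caplen, _ = struct.unpack_from("<IIII", data, pos)
        frame = data[pos + 16:pos + 16 + caplen]
        pos += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4
        ihl = (frame[14] & 0x0F) * 4
        if frame[23] not in (6, 17) or len(frame) < 14 + ihl + 4:
            continue  # not TCP/UDP, so there are no ports to read
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        yield (sec * 10**6 + usec, socket.inet_ntoa(frame[26:30]),
               socket.inet_ntoa(frame[30:34]), sport, dport)

def build_streams(data, resolution_usec=10**6):
    """Return {(src, dst, sport, dport): {bucket_start_usec: packet_count}}."""
    streams = defaultdict(lambda: defaultdict(int))
    for ts, *key in read_packets(data):
        streams[tuple(key)][ts - ts % resolution_usec] += 1
    return {k: dict(v) for k, v in streams.items()}

# Constructed sample capture: two streams, timestamps in microseconds
SAMPLE = build_pcap([
    (100_250_000, "10.0.0.5", "10.0.0.9", 40000, 53),
    (100_750_000, "10.0.0.5", "10.0.0.9", 40000, 53),
    (101_500_000, "10.0.0.5", "10.0.0.9", 40000, 53),
    (101_600_000, "10.0.0.7", "192.0.2.10", 51000, 443),
])
for key, series in build_streams(SAMPLE).items():
    print(key, sorted(series.items()))
```

Each inner dictionary is one plotted series: the keys are the x-axis positions and the values are the packet counts on the y-axis.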
Input File Select
Clicking the input text field opens the file selector, which immediately lists the latest files added to the index to choose from. The very first row contains a search field that can query/filter any file inside the PCAP index. Once a file is selected, the selector closes and the data is processed and shown in the graph.
Graph Controls are divided into three sections
Status messages
Shows any changes that have just been made.
Packet Offset Controls
After choosing an offset greater than 0, the buttons immediately trigger a change to the data shown in the status messages and the graph.
Resolution controls
The ‘Apply’ button must be clicked for any changes in this section to take effect.
Graph and Data Table
A new button, ‘Export CSV’, was added to this section. It creates a CSV file of the “Data Table” below, which is updated when nodes are selected using the “Lasso Select” tool.
Tool | Description |
---|---|
Scroll Zoom | Enables scroll zoom. |
Reset | Resets the graph to its original size and original plot. |
Save graph as PNG | Saves the graph as a PNG to the local desktop. |
Hover | Enables the hover tool, which generates a description when the cursor hovers over a point of interest. |
Pan | Enables the cursor to pan around the graph (dragging). |
Lasso | Selects a specific area on the screen, which generates column data below that lists the packets and their details. |
Box Zoom | Focuses on an area of interest by enlarging that area. |