PureInsight (FAQ)

How can I create a “Shortcodes template” in Interactive Search?

Click the “Shortcodes” button to create, edit, and delete templates.

Why am I getting an error message in my Inline Search?

The syntax of the inline search filter may be incorrect; use BPF Syntax or Tshark Syntax. Note that you cannot mix these two syntaxes.

There are some parts of the graph where the color of the links is different. What does this mean?

Please refer Graph Properties/Rules page for the graph link/styling rules in Interactive Search.

The tooltip shows "Potential Malicious Node". What does this mean?

Nodes specified in https://www.talosintelligence.com/documents/ip-blacklist will be marked as Potentially Malicious Nodes. These nodes have a red blur. (Refer to Malicious Nodes)

What do “Filter: All” and “Filter: 10%” in Interactive Search?

Selecting All will show all nodes in the graph, and selecting 10% will show the top 10% of nodes.

I want to hide detailed node information such as the tooltip and IP address.

You can go to the “Node Options” tab to hide the tooltip. (Refer to Filters)

What is the benefit of “Disable Rendering”?

Disabling rendering dramatically improves search speed. This feature is very useful if the user only wants to download the output PCAP file.

I want to delete multiple user accounts on PureInsight. How do I do that?

If you are logged in as an administrator, go to "Admin Manager", then "Users". You can create, edit, and delete user accounts.