Version 2.0.0 (30th May, 2024)

Owned by Yuki Bradley Kondo
Last updated: Sept 03, 2024
3 min read

Major Updates: PureInsight Kafka Standalone

We are excited to announce significant updates to the PureInsight platform, enhancing functionality and performance with the integration of Kafka microservices and new features across various modules.

Key Updates

Aspects

  • Nodes: Nodes are now grouped by IP and MAC address, with RX/TX bytes and packet tracking. Hostnames resolve on hover or click, and start/end times are recorded.

  • Links: Visualize network flows, separated by source/target nodes and protocol/port. Track packet and byte counts, as well as start/end times for each flow.

  • Devices: Devices are grouped by MAC address, with RX/TX bytes and packets tracked. Start and end times are recorded.

links.png
Links
devices.png
Devices

Updated Reports Module

  • SSL, HTTP, and DNS Reports: Overhauled for better performance.

  • DNS Reports: Added option to generate a table of all hosts within the PCAP. Introduced a cancel feature for reports.

  • Latency Reports: New tab to calculate round-trip statistics for TCP flows, allowing selection of a single input PCAP for RTT values.

  • Interactive Search: Click a node to process reports, and generate CSV reports with ease.

Updated Protocol Support

  • Protocol and Port Display: Enhanced display for transport layers, with added string matching for IP protocol numbers.

  • Ether Type Resolution: Automatically resolve hex numbers to their evaluated strings, displaying unresolved types by number.

Revamped Interactive Search Reports

  • CSV Reports: Generate and download CSV reports at the end of every search. New options include generating a tar archive of all CSV files.

Flow Analysis

  • Flow Aggregation: Aggregate all flows into one to reduce noise and obtain a clearer picture of the overall packet/byte rate.

  • Packets/Bytes Toggle: Switch between viewing packets and bytes for a more detailed analysis.

  • Flow Download Cancelation: Cancel a flow download by clicking the loading indicator on that flow.

Dashboard Enhancements

  • Backend Worker Status: New dashboard to monitor and manage the status of various backend workers, including restart and stop functionality for all PureInsight Kafka workers.

TacAcs Support

  • Credential Configuration: Set up credentials in /data/mgr/ldap/tacacssetup.

ElasticSearch Improvements

  • Increased Storage: Storage has been expanded.

  • GUI Settings: Restart support added to the GUI under ‘Restart Capture Index.’