/
Monitor intranet traffic to dangerous websites

Monitor intranet traffic to dangerous websites

In this guided tutorial, you will generate a Graph diagram using firewall log data in order to visualize and analyze access to dangerous sites from within your company's Intranet.

There are two phases explained below:

Build and enhance the query

Generate the Graph diagram

1

Select Additional tools → Charts → Diagrams → Graph diagram from the query toolbar.

2

Drag and drop the fields onto the chart canvas as shown in the picture below:

  • Nodes → UserNamedstIp, and Threat

  • Geolocation → dstServerCoordinates (onto the corresponding node)

  • Color → dstCountry (onto the corresponding node)

  • Link relationship → count and avgBytes

3

Customize the icon for the UserName node using a person icon as shown in the picture below.

4

Click Apply. Activate the Map mode option in the graph menu to geolocate your nodes in the map.

For more details on how use the settings to view the information in different ways, see Working in the graph diagram.

Related content

Threats tab
Threats tab
More like this
Threats tab
Threats tab
More like this
Firewall tab
Firewall tab
More like this
Network tab
Network tab
More like this
Network tab
Network tab
More like this
Automate continuous firewall traffic monitoring to detect threats faster
Automate continuous firewall traffic monitoring to detect threats faster
More like this