Document toolboxDocument toolbox

Monitor intranet traffic to dangerous websites

Owned by Juan Tomás Alonso Nieto (Deactivated)
Last updated: Jul 25, 2023 by Borja Moro Moreno
4 min read
[ 1 Build and enhance the query ] [ 2 Generate the Graph diagram ]

In this guided tutorial, you will generate a Graph diagram using firewall log data in order to visualize and analyze access to dangerous sites from within your company's Intranet.

There are two phases explained below:

Build and enhance the query

Generate the Graph diagram

1

Select Additional tools → Charts → Diagrams → Graph diagram from the query toolbar.

2

Drag and drop the fields onto the chart canvas as shown in the picture below:

  • Nodes → UserNamedstIp, and Threat

  • Geolocation → dstServerCoordinates (onto the corresponding node)

  • Color → dstCountry (onto the corresponding node)

  • Link relationship → count and avgBytes

3

Customize the icon for the UserName node using a person icon as shown in the picture below.

4

Click Apply. Activate the Map mode option in the graph menu to geolocate your nodes in the map.

For more details on how use the settings to view the information in different ways, see Working in the graph diagram.