/
Monitor intranet traffic to dangerous websites
Document toolboxDocument toolbox

Monitor intranet traffic to dangerous websites

Owned by Juan Tomás Alonso Nieto (Deactivated)
Last updated: Jul 25, 2023 by Borja Moro Moreno (Unlicensed)
4 min read
[ 1 Build and enhance the query ] [ 2 Generate the Graph diagram ]

In this guided tutorial, you will generate a Graph diagram using firewall log data in order to visualize and analyze access to dangerous sites from within your company's Intranet.

There are two phases explained below:

Build and enhance the query

Generate the Graph diagram

1

Select Additional tools → Charts → Diagrams → Graph diagram from the query toolbar.

2

Drag and drop the fields onto the chart canvas as shown in the picture below:

  • Nodes → UserNamedstIp, and Threat

  • Geolocation → dstServerCoordinates (onto the corresponding node)

  • Color → dstCountry (onto the corresponding node)

  • Link relationship → count and avgBytes

3

Customize the icon for the UserName node using a person icon as shown in the picture below.

4

Click Apply. Activate the Map mode option in the graph menu to geolocate your nodes in the map.

For more details on how use the settings to view the information in different ways, see Working in the graph diagram.

Related content

Threats tab
Threats tab
Devo v7.10.0
More like this
Threats tab
Threats tab
Devo v7.12.0
More like this
Firewall tab
Firewall tab
Devo v7.10.0
More like this
Network tab
Network tab
Devo v7.12.0
More like this
Network tab
Network tab
Devo v7.10.0
More like this
Automate continuous firewall traffic monitoring to detect threats faster
Automate continuous firewall traffic monitoring to detect threats faster
Devo v7.10.0
More like this