Start Demo

Prioritize groups for Standard Analysis

The ExtraHop system classifies every device it discovers on your network. Your platform determines the total analysis capacity, which is the number of devices, or endpoints, that can receive Standard Analysis. On the Analysis Priorities page, you can target specific device groups or activity groups for Standard Analysis as needed, based on their importance to your network. Groups are ranked in an ordered list, so you can let the ExtraHop system know which devices are the most important to you.

Here are some important considerations about Standard Analysis:

  • If there is still room in Advanced Analysis, devices in the top-most groups in the Standard Analysis section will receive Advanced Analysis.
  • You must have full write privileges to edit analysis priorities.

The following steps show you how to prioritize devices, such as HTTP servers and DNS servers, for Standard Analysis:

  1. Log into the Web UI of a Discover appliance or Command appliance.
  2. Click the System Settings icon and then click Analysis Priorities.
  3. If you are managing analysis priorities from a Command appliance, find the Discover appliance with the devices you want to prioritize in the Manage Priorities from this Command Appliance section. Click Edit Properties in the row that contains the Discover appliance.
  4. Prioritize groups by completing the following steps:
    1. In the For Standard Analysis section, click adding a group.


    2. In the Group drop-down list, type the name of a device group or activity group and then click the group name from the search results. For example, type HTTP servers and select the HTTP Servers activity group.
    3. Optional: In the Description field, type information about why this group is a priority.
    4. Click Add Group to include another device group or activity group.


    5. Click the Group drop-down, type a group name such as DNS servers, and then click the group from the search results.
      There are now two groups, where the top group (HTTP Servers) has a higher priority over the bottom group (DNS Servers).
    6. Optional: Click-and-drag the left edge of the Group to move its position in the list. The groups at the top of the list have the highest priority.


  5. In the Automatically Fill section, make sure On is selected.
    Note:If your appliance is having performance issues, then click Off. This selection will remove devices and make sure that only devices in prioritized groups receive Standard Analysis.
  6. At the top of the page, click Save.
  7. Optional: Click the check icon to collapse the group. Click the pencil icon to expand the group again, as shown in the following figure.
  8. Click the x icon to remove a group from the list, as shown in the following figure.
Published 2019-01-16 16:08