How To's
Admin
- Configure a static IP address through the CLI
- Add a local user account
- Add a remote user account
- Configure remote authentication through LDAP
- Configure remote authentication through SAML
- Configure SAML single sign-on with Okta
- Configure SAML single sign-on with Google
- Configure remote authentication through RADIUS
- Configure remote authentication through TACACS+
- Manage imported LDAP user groups
- Register your ExtraHop appliance
- Configure the system time
- Decrypt SSL traffic with certificates and private keys
- Upgrade the firmware on your ExtraHop appliance
- Connect to Atlas services
- Create a certificate signing request from your ExtraHop appliance
- Add a trusted certificate to your ExtraHop appliance
- Send audit log data to a remote syslog server
- Configure email settings for notifications
- Configure settings to send notifications to an SNMP manager
- Send system notifications to a remote syslog server
- Configure license expiration notifications for Discover and Command appliances
- Configure the Discover appliance to collect traffic from NetFlow and sFlow devices
- Set up shared SNMP credentials for your NetFlow or sFlow networks
- Save system settings to the running config file
- Download the running config as a text file
- Reset the local datastore and remove all device metrics from the Discover appliance
- Calculate the size needed for your extended datastore
- Configure an extended CIFS or NFS datastore
- Archive an extended datastore for read-only access
- Troubleshoot issues with the extended datastore
- Create an Explore cluster
- Connect the Discover and Command appliances to Explore appliances
- Connect the Discover and Command appliances to the Trace appliance
- Install the ExtraHop session key forwarder on a Windows server
- Install the ExtraHop session key forwarder on a Linux server
- Configure the iDRAC IP address with a monitor, keyboard, and mouse
- Import external data to your Discover appliance
- Configure an HTTP target for an open data stream
- Configure a Kafka target for an open data stream
- Configure a MongoDB target for an open data stream
- Configure a raw data target for an open data stream
- Configure a syslog target for an open data stream
- Backup and restore a Discover or Command appliance
- Run a support script
- Enable network overlay decapsulation
- Discover new devices by IP address
- Integrate ExtraHop with Splunk
- Increase the capacity of your ExtraHop Explore cluster in VMware
- Disable record ingest on an Explore cluster
- Migrate a Discover appliance
- Migrate to SAML from LDAP through the Admin UI
Alerts
- Configure detection alert settings
- Configure threshold alert settings
- Configure trend alert settings
- Configure an alert to track a custom metric
- Assign an alert configuration to a source
- Add a notification to an alert configuration
- Add Markdown to an alert description
- Create an exclusion interval for alerts
Charts
- Create a chart
- Copy a chart
- Edit a chart with the Metric Explorer
- Drill down
- Export data
- Display a rate or count in a chart
- Display percentiles or a mean in a chart
- Edit metric labels in a chart legend
- Add a dynamic baseline to a chart
- Add a static threshold line to a chart
- Display device group members in a chart
- Create regular expression filters
- Find all devices talking to external IP addresses
- Monitor a device for external IP address connections
Dashboards
- Create a dashboard
- Copy a dashboard
- Display a dashboard in a NOC or SOC
- Create a dashboard with dynamic sources
- Edit a dashboard layout
- Edit a chart with the Metric Explorer
- Edit a text box widget
- Edit a dashboard region
- Change the time interval for a dashboard region
- Edit dashboard properties
- Present a dashboard
- Share a dashboard
- Share a dashboard with a restricted user
- Export data
- Create a PDF file
- Organize custom and shared dashboards
Devices
- Find a device
- Create a device group
- Create a device group based on discovery time
- Remove devices from a static device group
- Change a device name
- Change a device role
- Create a tag
- Add a tag to a device
- Create a custom device
- Delete or disable custom devices
- Migrate pseudo devices to custom devices
- Prioritize groups for Advanced Analysis
- Prioritize groups for Standard Analysis
- Add a device to the watchlist
- Remove a device from the watchlist
- Transfer management of analysis priorities for a Discover appliance
- Specify the locality for IP addresses
REST API
- Change a dashboard owner through the REST API
- Create custom devices through the REST API
- Create a device group through the REST API
- Extract metrics through the REST API
- Extract the device list through the REST API
- Query for records through the REST API
- Tag a device through the REST API
- Upload STIX files through the REST API
- Create a trusted SSL certificate through the REST API
- Update system health REST API scripts
- Migrate to SAML from LDAP through the REST API
- Search for a device through the REST API