Certain types of records are enabled for collection by default. You can add or remove the types of records that are collected and sent to your recordstore from the Settings / Records page. These records primarily contain information about messages, transactions, and sessions sent over common L7 protocols such as DNS, HTTP, and SSL.
If you want to collect only specific details from transactions, you can create custom records through the ExtraHop Trigger API.
|Note:||You can manage these settings centrally from a Command appliance.|
Learn more about ExtraHop Records.
Before you beginYou must have a configured recordstore, such as an Explore appliance, Splunk or Google BigQuery.
- Log in to the ExtraHop system through https://<extrahop-hostname-or-IP-address>.
- Click the System Settings icon and then click Records.
- On the Records page, select the checkbox next to the types of transactions you want to capture and store in the recordstore, and then click Enable.
Click Records from the top menu to start a query.
If you do not see any records, wait a few minutes and try again. If no records appear after five minutes, review your configuration or contact ExtraHop Support.
Thank you for your feedback. Can we contact you to ask follow up questions?