Collect metrics for a segment of traffic across multiple IP addresses and ports by
creating a custom device. Custom devices are useful for monitoring traffic outside of your
local broadcast domain, such as branch offices, stores, or clinics.
Here are some important considerations about custom devices:
- Custom devices only appear in the ExtraHop system after traffic that matches
your specified criteria is observed.
- Avoid creating multiple custom devices for the same IP addresses or ports.
Custom devices that are configured with overlapping criteria might degrade
system performance.
- Avoid creating a custom device for a broad range of IP addresses or ports, which
might degrade system performance.
- A single custom device counts as one device towards your licensed capacity for
Advanced Analysis and Standard Analysis.
- You can also automate this task
through the REST API.
-
Log in to the ExtraHop system through
https://<extrahop-hostname-or-IP-address>.
-
Click the System Settings icon and then click Custom
Devices.
-
Click Create.
-
In the Name field, type a unique name for the custom
device.
-
In the Discovery ID field, type a unique identifier.
If this field is left blank, a Discovery ID is generated from the custom
device name. The Discovery ID cannot contain spaces and cannot be changed after
the custom device is saved.
-
From the Sensor drop-down list, select the sensor that
you want to associate with the custom device. (Command appliance and Reveal(x)
360 only.)
-
Select the Enable custom device checkbox to enable or
disable the custom device.
- (Optional):
In the Description field, add information about the custom
device.
-
Click Add Criteria to specify an IP address, port range,
or VLAN range as match criteria for the custom device.
You can specify a single option, such as an IP address, or specify a
combination of criteria options; you do not need to complete each field.
-
In the IP Address field, type an IP address or a
CIDR notation. If you specify an IP address, you can also specify the
direction of traffic and a peer IP address.
- (Optional): From the Traffic Direction
drop-down list, select Outbound from IP
Address or Inbound from IP
address as a match criterion. These options
enable you to create a custom device that collects metrics only
from traffic sent to or sent from this IP address. The default
selection is Bidirectional.
- (Optional): In the Peer IP Address field,
specify an IP address or CIDR notation that communicates with
the address specified in the IP Address
field. This option enables you to create a custom device that
collects metrics only from traffic between specific source and
destination IP addresses.
Note: | If you specify a peer IP address,
you cannot select Bidirectional for
the traffic direction. |
-
In the Destination Port Range fields, type a
minimum and a maximum destination port number. If no range is specified,
all ports are considered match criteria.
- (Optional):
Click Show Advanced Options to configure a source port
or VLAN range.
-
In the Source Port Range fields, type a minimum
and a maximum source port number. If no range is specified, all ports
are considered match criteria.
-
In the VLAN Range fields, type a minimum and a
maximum VLAN ID.
- (Optional):
Click Add Criteria to configure additional IP addresses,
port ranges, or VLAN ranges.
-
Click Save.
Tip: | Click Save All
Changes to save all custom devices that have unsaved
configuration changes. |
Thank you for your feedback. Can we contact you to ask follow up questions?