Assets
All of the metric activity collected from the data on your network is logically grouped into sections on the Assets page, where you can navigate to find the data you need.
Video: | See the related training: Assets |
Devices
Devices, also known as assets and endpoints, are objects on your network with a MAC address or IP address that have been automatically discovered and classified by the ExtraHop system. Assign any device to a chart, alert, or trigger as a metric source. Learn more about Devices.
Device Groups
Device groups are user-defined sets of devices that can be collectively assigned as a metric source to a chart, alert, or trigger. You can create a dynamic device group that adds devices that matches your specified criteria or you can create a static device group and manually add or remove devices. The ExtraHop system also includes built-in dynamic device groups by role and by protocol activity that you can assign as a metric source. Click a role or protocol link from the Devices page to view metrics for a built-in device group.
Files
The Files page displays a table of files that are hashed with the SHA-256 hashing algorithm according to filter criteria configured from the File Analysis settings. Metadata from hashed files are a valuable tool for identifying malware and risks in your network.
Users
The Users page displays a list of all active users found on your network and the devices the user logged in to. The user name is extracted from the authentication protocol, such as LDAP or Active Directory. Search for devices accessed by a specific user.
Note: | These users are not associated with user accounts for the ExtraHop system. |
Applications
Applications are user-defined containers that represent distributed systems on your network. Create an application to view all of the metric activity associated with your website traffic—web transactions, DNS requests and responses, and database transactions. See the Applications FAQ.
Basic applications that filter built-in metrics by protocol activity can be created through the ExtraHop system. Complex applications that collect custom metrics or metrics from non-L7 traffic must be created through a trigger, which requires JavaScript code. Learn more about building Triggers.
Thank you for your feedback. Can we contact you to ask follow up questions?