Configure a raw data target for an open data stream

You can export raw data on an ExtraHop Discover appliance to any server for long-term archiving and comparison with other sources. In addition, you can select an option to compress the data through GZIP.

  1. Log into the Admin UI on the ExtraHop Discover appliance.
  2. In the System Configuration section, click Open Data Streams.
  3. Click Add Target.
  4. From the Target Type drop-down menu, select Raw.
  5. In the Name field, type a name to identify the target.
  6. In the Host field, type hostname or IP address of the remote server.
  7. In the Port field, type the port number of the remote server.
  8. From the Protocol drop-down menu, select one of the following protocols over which to transmit data:
    • TCP
    • UDP
  9. Optional: Enable GZIP compression of the transmitted data.
    1. Select GZIP compression.
    2. Provide a value for each of the following fields:
      Number of bytes after which to refresh GZIP
      The default value is 64000 bytes.
      Number of seconds after which to refresh GZIP
      The default value is 300 seconds.
  10. Optional: Click Test to establish a connection between the Discover appliance and the remote server and send a test message to the server.
    The dialog box displays a message that indicates whether the connection succeeded or failed. If the test fails, edit the target configuration and test the connection again.
  11. Click Save.

Next steps

Create a trigger that specifies what raw message data to send and initiates the transmission of data to the target. For more information, see the Remote.Raw class in the ExtraHop Trigger API Reference.
Published 2017-12-11 19:17