Skip to content
This repository has been archived by the owner on May 15, 2019. It is now read-only.

DNS Storyboard

Jump to bottom
vgonzale78 edited this page Sep 21, 2016 · 2 revisions

###Walk-through

  1. Select the option DNS > Storyboard from Open Network Insight Menu.

  1. Your view should look something like this, depending on how many threats you have analyzed and commented on the Threat Analysis for that day. You can select a different date from the calendar.

Executive Threat Briefing
Data source file: threats.csv
Executive Threat Briefing frame lists all the incident titles you entered at the Threat Investigation notebook. You can click on any title and view the additional comments at the bottom area of the panel.

Incident progression
Data source file: threat-dendro-<threat>.csv
Incident progression frame is located on the right side of the Web page.

This will display a tree graph (dendrogram) detailing the type of connections that conform the activity related to the threat.

Input files

threats.csv   
threat-dendro-<threat>.csv

Home

  • Home
  • [Overview of Open Network Insight](Overview of Open Network Insight)
    • [Technical Overview](Technical Overview)
  • [Planning Guide](Planning Guide)
    • [Deployment Option 1: Pure Hadoop](Pure Hadoop)
    • [Deployment Option 2: Hybrid Hadoop / Virtual](Hybrid Hadoop)
  • [Deployment Guide](Deployment Guide)
  • [Installation & Configuration Guides](Installation & Configuration Guides)
  • [User Guide](User Guide)
    • Flows
      • [Suspicious Connects – Analyst View](Suspicious Connects)
      • [Threat Investigation – Analyst View](Threat Investigation)
      • Storyboard
      • [Ingest Summary – Analyst View](Ingest Summary)
    • DNS
      • [Suspicious DNS – Analyst View](Suspicious DNS)
      • [Threat Investigation – Analyst View](DNS Threat Investigation)
      • [Storyboard](DNS Storyboard)
    • Proxy
      • [Suspicious Proxy - Analyst View](Suspicious Proxy)
      • [Threat Investigation - Analyst View](Proxy Threat Investigation)
      • [Storyboard](Proxy Storyboard)
  • ONI Demo
Clone this wiki locally