Monitoring Attacks in real time

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Monitoring Attacks in real time

L0 Member

Hi,

I'm wondering if there is another way instead monitor tab to monitor attacks in real time.

Does anyone else thinking about it?

Leonardo Dias

6 REPLIES 6

L7 Applicator

Hello Idias,

a) You can monitor the real time situation through a monitoring tools. Which would show the packet rate, session rate, drop counter of an interface.

b) You can run a script which will pull up information through CLI command on a specific interval: (you can run these commands manually also)

> show counter global filter delta yes | match dos

> show counter global filter delta yes | match drop

Thanks

Not applicable

I haven't found any feature that allows you to watch traffic in real time yet. I would suggest trying to implement Splunk into your environment!

HULK,


Is that in "real time" though?

I agree.

without monitoring tools visibility is limited for attack details(real time)

L4 Transporter

Use of the session browser is useful if you can identify an attribute of the attack and apply it to the filter.  It all depends on what type of attack we are talking about.

Phil

L4 Transporter

We are using Splunk for that Purpose. There is the excellent PAN Splunk App available. Here are some sample Screenhots to give you an idea.

Capture.JPG.jpg

Capture.JPG.jpg

  • 2927 Views
  • 6 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!