Credits to Siegmund
I had a customer that really likes Forensics dashboard but was frustrated with some limitations on not being able to generate a pdf report of results, not seeing VLAN’s as a column and blank IP’s column for client/server IP’s. So I created some dashboards that mimic forensics that can generate pdf’s, have the VLAN info and can pivot to IP pairs if needed. Maybe these could be useful to others if they have the same issues.
Attached are the 3 dashboards
- Forensics IP’s with VLAN (Client and Server)
- Forensics IP Pairs with VLAN
- Forensics Apps and VLANs
Here for example if they are looking at Forensics IP’s with “VLAN (Client and Server)” dashboard and see VLAN 1005 with RTP but no IP’s, you can filter on VLAN 1005 or App RTP and pivot to “Forensics IP Pairs with VLAN” and see the IP’s and also generate report if needed. This helped my customer work thru the limitation in Forensics view.
Here is current Forensics View, no IPS, no VLANs
Here is custom “VLAN (Client and Server)” with client/server IP’s and added VLAN
Selected VLAN 1005 and pivot to “Forensics IP Pairs with VLAN” dashboard linked with tags
Forensics IP Pairs with VLAN (filtered on VLAN 1005) with IP Pairs and VLAN
Select PDF report
Report on Forensics IP Pairs with VLAN (filtered on VLAN 1005)
Please log in or sign up to comment.