Visualize and Explore

Data analysis powered by machine learning and limited only by your imagination.

All client, application, and business activity travels through your network—the wire. This makes wire data one of the biggest and richest sources of intelligence. When you extract your wire data, you also need to be able to visualize and explore it easily to gain meaningful information you can act on.

Start with Machine Learning

Humans are much better at making decisions than machines. But machines are much better at analyzing large sets of data. That's why any data analysis solution should start with machine learning to bring order to large sets of data.

ExtraHop's Addy service applies machine learning to your wire data, automatically building baselines for every device, network, and application, and then alerting you to anomalous behavior. This anomaly detection is much more accurate than traditional alerting and also detects issues that you never thought to build an alert for.

With Addy, the ExtraHop platform gives you the context you need to take action. From there, you can easily answer questions with rapid access to the details of any transaction record. With a global search, visual query capabilities, and customizable dashboards, you can find the data that is most important to you, and then see and explore that data on the fly.

 

An Interface that Works the Way You Do

The ExtraHop platform equips you with both top-down and bottom-up workflows: You can start with a high-level view and then drill down to devices, individual transactions, and even the exact packets that comprise those transactions. Or you can start with an outlying transaction—one with too-long processing time or unusual response size, for example—and then investigate from there. Whatever your approach, the ExtraHop platform equips you to ask questions of your wire data and get answers in real time.

ExtraHop transaction/application dashboards
A top-down view of your environment helps you spot anomalies and trends.

Easily perform multidimensional analysis on your transaction records.

Analysis on Transaction Records

Quickly drill down into the packets that comprise flows and transactions.

Drill Down into your packets

Customizable Dashboards

The ExtraHop platform offers a simple, intuitive user interface that makes it easy to create new visualizations of your wire data and includes automatically populated role-based dashboards for teams across your organization. You can create a new widget in three steps: 1) Select your data source and metrics, 2) Select the visualization type, and 3) Save it to your dashboard.

When you're ready to share your analysis, you can quickly export charts and the background data points to PDF, Excel, or CSV.

ExtraHop Dashboard Icon

Realize immediate value with automatically populated dashboards and create custom dashboards with a drag-and-drop interface.

Metric Explorer Icon

The Metric Explorer enables you to easily experiment to see which visualization best represents your data.

Time Based Comparison Icons

Time-based comparisons help you compare activity from yesterday, one week ago, or any other time interval.

Visual Query Language

Much more than just search, the visual query capabilities in the ExtraHop platform enable you to explore your transaction and flow records through multidimensional analysis. You can refine or change your query by clicking UI elements that control grouping, pivoting, sorting, filtering, and time-range selection. There are dozens of built-in record types and hundreds of record attributes available, and you can also define your own custom records with their own attributes.

The visual query language makes it possible to quickly ask and refine questions without having to learn a query language. For example, you could start with a particular troublesome SQL statement, then see how different iterations of that database call are performing. In a security context, you could sort SQL messages by query string to identify attempted SQL injection attacks; with the malicious IP address identified, you could then pivot to see all the activity of that client on the network over the last month. Export that information to Excel, CSV, or visualization tool such as Tableau or Qlik, and you have a step-by-step map of what the attacker did!

Visual Query Language
The visual query capabilities enable you to explore hundreds of built-in record types with hundreds of record attributes.

Learn More About How ExtraHop Works

Go Back: Index and Store See Next: Customize and Integrate