All client, application, and business activity travels through your network—the wire. This makes wire data one of the biggest and richest sources of intelligence. When you extract your wire data, you also need to be able to visualize and explore it easily to gain meaningful information you can act on.
The ExtraHop platform's unified UI makes it easy to rapidly access more than 4,000 metrics and the details of any transaction record. With a global search, visual query capabilities, and customizable dashboards, you can find the data that is most important to you, and then see and explore that data on the fly.
An Interface that Works the Way You Do
The ExtraHop platform equips you with both top-down and bottom-up workflows: You can start with a high-level view and then drill down to devices, individual transactions, and even the exact packets that comprise those transactions. Or you can start with an outlying transaction—one with too-long processing time or unusual response size, for example—and then investigate from there. Whatever your approach, the ExtraHop platform equips you to ask questions of your wire data and get answers in real time.
The ExtraHop platform includes automatically populated role-based dashboards for teams across your organization, including teams that manage network, web, database, storage, security, and other technologies.
The ExtraHop platform offers a simple, intuitive user interface that makes it easy to create new visualizations of your wire data. You can create a new widget in three steps: 1) Select your data source and metrics, 2) Select the visualization type, and 3) Save it to your dashboard.
When you're ready to share your analysis, you can quickly export charts and the background data points to PDF, Excel, or CSV.
Visual Query Language
Much more than just search, the visual query capabilities in the ExtraHop platform enable you to explore your transaction and flow records through multidimensional analysis. You can refine or change your query by clicking UI elements that control grouping, pivoting, sorting, filtering, and time-range selection. There are dozens of built-in record types and hundreds of record attributes available, and you can also define your own custom records with their own attributes.
The visual query language makes it possible to quickly ask and refine questions without having to learn a query language. For example, you could start with a particular troublesome SQL statement, then see how different iterations of that database call are performing. In a security context, you could sort SQL messages by query string to identify attempted SQL injection attacks; with the malicious IP address identified, you could then pivot to see all the activity of that client on the network over the last month. Export that information to Excel, CSV, or visualization tool such as Tableau or Qlik, and you have a step-by-step map of what the attacker did!