|
In this topic: |
Spector 360 records every instance of a computer's
communication with other computers on the network (intranet or internet).
Measure network usage by tracking connections made between computers within
and outside your network. The Dashboard shows where usage is heaviest
and who's using the most "bandwidth."
See Understanding Recorded Events: Network Events to learn exactly what Spector 360 records.
Include or exclude Network events based on matching keywords.
To search for keywords:
Type the keywords you want to match, for example "ftp" and then select one of the following fields in which to search (click each for a definition). For more about keyword matching, click here.
Include partial matches: Check to look for a partial match; for example, the search word "man" would match "mankind" or "manage" in any of the following data fields.
Domain: Find the "Search for" phrase in the domain name where the network event took place.
Host: Find the "Search for" phrase in the host name.
IP Address: Find the "Search for" phrase in the IP address.
Focus in on Network events made using specific programs, such as RealPlayer or MusicMatch.
To retrieve Network Activity by program:
Select from the Program(s) drop-down list and specify individual programs or groups of programs you wish to include or exclude. For example, you might EXCLUDE Internet Explorer to focus on other programs. There may be Program Groups defined to make selection of programs by type easy. See Viewing by Program.
Focus on Network events occurring on specific domains. A domain is a group of computers and devices on a network with a name (e.g., google.com) or an IP address.
To retrieve Network Activity by domain:
Select from the Domain(s) drop-down list and specify individual domains or groups of domains you wish to include or exclude. For example, you might look for Network Activity involving ONLY mycompany.com for a focused investigation. See Viewing by Domain
Filter by Port Number by including or excluding network addresses and IP: Ports for displaying network connections. Some port numbers are ""well known" meaning they are standard Internet port connections. For example, port 25 is almost always used for SMTP email and Port 80 is almost always used for the web.
To set port and bytes sent/received:
Select from the following:
Port Number
Rcvd Bytes
Sent Bytes
Total Bytes
Choose an operator, enter a number (for port number of byte size), and (for bytes) select MB (megabytes), KB (kilobytes), or Bytes.
|
Operator |
Definition |
|
All |
all amounts of time |
|
> |
Greater than |
|
>= |
Great than or equal to |
|
< |
Less than |
|
<= |
Less than or equal to |
|
= |
Equal to |
|
!= |
Not equal to |
