Spector CNE
|
|
Administrator's Guide |
Review recorded Network Activity from this tab.
Events pane (top) - Displays all events recorded in a familiar Windows Explorer hierarchical tree interface for easy drill-down.
Preview pane (bottom) - Displays the details of the recorded event. Turn this display option on/off from the View menu > Show Preview.
Status - Provides additional information about all recorded events.
This button becomes active when you select an individual event from the Events pane. This button provides two options:
Snapshots - To view the screen snapshot when the program was started, select the event and then click Jump to > Snapshots. This provides you with a Snapshot view of what was happening on the computer at the time this program was started.
Go to Keystrokes - To view the keystrokes when the program was used, select the event and then click Jump to > Go to Keystrokes.
The view in the Preview pane can be changed to display:
Summary - useful for determining how much time/bandwidth each application has been using on the network.
Details - useful for determining whom the applications are connecting to
Search Network Activity for:- This search works like a filter displaying only the data matching the search. This search criteria is maintained while the Viewer is open.
Example If you do a search from the Network Activity tab and switch to the Chat/IM Activity tab and then return to the Network Activity tab, the Network Activity search results will still be displayed. To view all the recordings, you must either perform another search or close the Search window.
See Searching Events for information on basic and advanced searching.
Delete a recorded event or multiple events from their stored data files. Once an event is deleted within the view, it is removed from the Client's data files. It will no longer exist and it cannot be recovered.
Select an event or select multiple events using the CTRL or Shift keys and then click Viewer Toolbar Delete, Edit menu Delete or use Delete key. To delete all events, on the Edit menu, click Select All and then delete.
Refresh updates the Viewer with the latest Client data files. If data files are added to the data file folder or data files are updated in the data file folder, the Viewer will NOT display these events unless the data files are re-loaded from the data file folder.
Sort the events using the column categories. Click on the column header to sort in ascending or descending order. By default, they are sorted in descending order by the first column.
Program - The program name of the application used
Start Time - Indicates when the connection was started
Protocol - Indicates protocol used for the Network Activity (TCP, FTP, HTTP, HTTPS, KAZAA)
Connections - Indicates number of connections used
Sent - Indicates number of packets sent
Recv - Indicates number of packets received
Duration - Indicates total connection time
End Time - Indicates time connection ended
Program - The program name of the application used
Start Time - Indicates when the connection was started
Protocol - Indicates protocol used
Domain Name - Name of the domain where the Network Activity took place
IP - Indicates the IP address where the activity took place
Port - Indicates the port used for the Network activity
Connections - Indicates total connection used
Sent - Indicates time connection ended
Recv - Indicates number of packets received
Duration - Indicates total connection time
End Time - Indicates time connection ended
See Viewer Menu and Toolbar for complete information about Jump to, Search, Refresh, and Delete.
Jump
to - Becomes active when you select a Network Activity Summary
or event Details from the bottom
pane. Click the Jump to button
(or right-click the event in the bottom pane) and select:
Snapshots - To view screen snapshots of the Network Activity
event.
Keystrokes- To view keystrokes recorded for the Network Activity
event.
Search Network Activity for - Enter search terms and click Go. The search works like a filter, displaying only the data that matches your entered search terms. For example, search for "payroll" in the Domains field to see all activity that occurred at "payroll.companyx.com." See Searching Events for more information on basic and advanced searching.
Refresh - Updates the Viewer with the latest Client data files. If data files are added to the data file folder or data files are updated in the data file folder, the Viewer will NOT display these events unless the data files are re-loaded from the data file folder.
Delete All - Select a group from the top Navigate pane then click the Delete All button. This removes the event(s) from the Data Vault. Once an event is deleted it no longer exists and it cannot be recovered.