Network connection drilldown tab

Jump to bottom

Edoardo Gerosa edited this page Jul 23, 2020 · 2 revisions

The Network connection drilldown tab provides insights into Sysmon network connection (Event ID 3) indicators within the specified timespan.

alt text

The Network connection drilldown tab displays the following tables:

Cluster view of inbound IP connections to deployed virtual machines
Heatmap grid listing top IP connections
Punchcard overview of Sysmon network connection activity within the specified timespan
Grid listing raw sysmon network connection logs within the specified timespan

A higher definition picture of the Network connection drilldown tab can be found here.