12 Replies Latest reply on Mar 24, 2009 11:41 AM by jswan

    complex searches in NTA

    jswan

      It doesn't appear that the standard interface to NTA allows for complex searching, e.g.:

      Top 10 Endpoints NOT using (tcp/80 OR tcp/443)

      Top 10 Endpoints using UDP > 32768

      All conversations between 1.1.1.1 and 2.2.2.2

       

      Has anyone figured out a way to build custom queries of this sort? This is fairly easy to do even with free *nix-based CLI Netflow tools, so I figure it's got to be possible, but I'm no SQL wizard.