GETTING STARTED
What is Cyberspatial Teleseer?
Which Teleseer plan should I pick?
How to sign-up and register for an account
What are the system requirements?
What kind of file types can Teleseer analyze?
Overview of the Teleseer user interface
Publicly available PCAP repositories
ACCOUNT
How to manage your account
How to reset your password
USING TELESEER
Uploading files on the home page
Navigating the network map
Editing and rearranging the network map
Understanding the host inventory
Understanding the external host inventory
Understanding the Connections table
Understanding the Credentials table
Understanding the Dashboard
Exploring the Inspector panel
Exploring the event timeline
TUTORIALS
How to extract PCAP from your timeline
How to identify malicious IP addresses
How to find vulnerable hosts
How to find plaintext credentials
How to export the host inventory
How to export a screenshot of your network map
How to splice PCAPs
How to add PCAPs to a compressed archive
HELP
Contact support
Glossary
Frequently Asked Questions
Troubleshooting

Exploring the event timeline

The Timeline displays an interactive listing of all traffic that occurred within the given file set or originated from the selected host(s). Each block within the timeline represents a point in time where data was transferred over the network. Hovering over a protocol block will display the amount of data transferred within the given time period. Clicking on a block will populate the Inspector panel with detailed information about the connection(s) that took place during the given time period.

When the Smart Filter is activated (by default), selecting a host within the topology will update the timeline to display only the protocols created by the selected host(s).

NOTE: Timeline blocks are NOT generated for bro/zeek logs.
image

Protocol Listing

The protocol listing on the left side of the timeline is composed of all identified protocols existing within the given file set or host selection. Clicking on a protocol header will expand the protocol tree to display all protocol blocks of the given type.

Clicking on the protocol header will select all blocks for the selected protocol.

image
Example protocol hierarchy

Timeline

The interactive timeline can be shortened, expanded, marked, and clicked on to allow users to fine-grain their analysis.

image

Timeline Searching

The timeline search text field allows users to find a specific protocol within the current data set. Simply enter the desired protocol and the timeline will update to display all matching protocols.

image
Timeline search text field

Timeline Zooming

Users can zoom in and out of the timeline by clicking and dragging the timeline handles or by holding down CTRL + mouse scroll wheel.

image

Upon zooming into the timeline, individual protocol blocks will appear at specific points in time.

Timeline Events

Timeline events are used to inform the user of login activity or potential malicious activity including network scanning and injection attacks.

Clicking on an Authentication Event will display plain text login credentials within the Inspector panel > Selected Events section.

image
Timeline event detection

To select multiple events or blocks, hold down the SHIFT key and drag the mouse over the desired data.

Timeline Export (Teleflow)

The Timeline can now be exported to a CSV file. Users can export the full timeline, the current view, or the currently selected traffic.

image
Timeline export
TABLE OF CONTENTS
Creating and deleting projects
How to add additional files to your project
How to add project notes
How to change the mouse tracking speed
How to export the Credentials table
How to export the External Hosts inventory
How to filter tables by selected hosts
How to filter the timeline by selected host(s)
How to filter the topology
How to identify a host's physical location
How to make a custom view
How to pin table columns
How to search for hosts
How to see which protocols are using the most traffic
How to sort inventory tables
What is Cyberspatial Teleseer?
Which Teleseer plan should I pick?
How to sign-up and register for an account
What are the system requirements?
What kind of file types can Teleseer analyze?
Overview of the Teleseer user interface
Publicly available PCAP repositories
How to manage your account
How to reset your password
Uploading files on the home page
Navigating the network map
Editing and rearranging the network map
Understanding the host inventory
Understanding the external host inventory
Understanding the Connections table
Understanding the Credentials table
Understanding the Dashboard
Exploring the Inspector panel
Exploring the event timeline
How to extract PCAP from your timeline
How to identify malicious IP addresses
How to find vulnerable hosts
How to find plaintext credentials
How to export the host inventory
How to export a screenshot of your network map
How to splice PCAPs
How to add PCAPs to a compressed archive
Contact support
Glossary
Frequently Asked Questions
Troubleshooting
Careers
Terms of Service
Privacy Policy
Contact us
Docs
Copyright © 2024 All rights reserved.