User guide
iGuard/inSight User Guide
Release 7.0.0.4
69
Yahoo version 8.1.0.421 •
AOL version 4.7.2517 •
MSN/Windows Live messenger 8.1.0178 •
Windows Messenger 4.7.3001
Distributed Searching
On inSight, you can do searches on any of the iGuards attached to your console. The search
procedures used are the same as those used on standalone iGuards.
If you are doing a Basic Search, you are searching all of the iGuards attached to your inSight
Console by default.
If you are doing an Advanced Search, you can select one or more iGuards to run the search on.
The results from the searches that are run on remote iGuards are copied to inSight and displayed
on its dashboard.
Search by Concept
When you use a concept to search network data, you are using pattern-matching to identify
collections of related data quickly. You can select from the standard list of factory default concepts,
or you can create your own.
For example, suppose you are watching your network traffic for evidence of employee discontent.
You could use one or more standard concepts to find specific instances matching that query.
1. Go to Capture > Advanced Search > Content.
2. Select an Element.
3. Select a Condition.
Note: The Conditions menu offers three choices. You can use the equals or not equal
conditions to select or exclude any existing concept from checkboxes on a palette that is
launched from the "?".