Teleseer

Timeline

A historical listing of all sessions which occurred within the given file set.

Suggest Edits

Overview

The Timeline displays an interactive listing of all network sessions which occurred within the given file set or from the selected asset(s). Hovering over a session will display the protocol, start time, and end time of the session. Clicking on a session will populate the Inspector panel with detailed information about the selected session.

Selecting an asset within the topology will update the timeline to display only the sessions created by the selected asset(s).

Sample Timeline

Sample Timeline

Protocol Listing

The protocol listing on the left side of the timeline is contrived of all identified protocols existing within the given file set or asset selection. Clicking on a protocol header will expand the protocol tree to display all protocol sessions of the given type.

Example protocol tree

Example protocol tree

Timeline

The interactive timeline can be shortened, expanded, marked, and clicked on to allow users to fine grain their analysis of a specific session within the data set.

Timeline Searching

The timeline search text field allows user to find a specific protocol session within the current data set. Simply enter the desired protocol and the timeline will update to display all matching sessions.

Timeline Zooming

Users can zoom in and out of the timeline by clicking and dragging the timeline handles or by holding down CTRL + mouse scroll wheel.

Example zoom

Example zoom

Upon zooming into the timeline, the individual sessions will appear at specific points in time.

Timeline Events

Timeline events are used to inform the user of login activity or potential malicious activity to include network scanning and injection attacks.

Clicking on an Authentication Event will display plain text login credentials within the Inspector panel > Selected Events section.

Example: Authentication from X to Y using protocol FTP with credentials: hello-world

Clicking on a TelemeterAttackDetection event will display vulnerability scans and injection attacks within the Inspector panel > Selected Events section.

Timeline event detection

Timeline event detection

To select multiple events or sessions, hold down the ALT key and drag the mouse over the desired sessions.

Updated 3 months ago