QRadar Network Packet Capture packet capture monitoring
Use the Monitoring widgets on the Dashboard to view the overall status of one or more QRadar® Network Packet Capture appliances in a group.
A QRadar Network Packet Capture group consists of physically separate appliances, that capture data from separate network taps. Use the grouping feature to form one logical entity that is easier to administer and search. A group can consist of up to eight QRadar Network Packet Capture appliances.
GROUP VIEW
| Icon | Description |
|---|---|
 |
SmartNIC |
 |
System |
 |
Storage |
 |
Traffic |
The state of the component is indicated by its color: light gray, yellow and red.
GROUP LIST VIEW
Use the GROUP LIST VIEW widget to monitor the health of each QRadar Network Packet Capture appliance in the group.
UNIT VIEW
Use the UNIT VIEW to see more detailed information about the QRadar Network Packet Capture appliance selected in the GROUP VIEW widget.
The UNIT VIEW presents overview information about retention and appliance health for the QRadar Network Packet Capture appliance.
Detailed information is displayed for the SmartNIC, System and Storage.
CPU UTILIZATION
Use the CPU UTILIZATION widget to individually monitor the CPU usage for each hyper-threaded core.
TRAFFIC
Use the TRAFFIC widget to monitor the history of the packet capture traffic that is received by the QRadar Network Packet Capture appliance. By default, incoming traffic is displayed. You can view incoming or captured traffic, or both types of traffic.
PACKET DISTRIBUTION
Use the PACKET DISTRIBUTION widget to monitor the distribution between broadcast, multicast and unicast frames that are received by the QRadar Network Packet Capture appliance since the last reset of the statistics data.
PACKET SIZE DISTRIBUTION
Use the PACKET SIZE DISTRIBUTION widget to monitor the distribution of packet sizes for the frames that are received by the QRadar Network Packet Capture appliance since the last reset of the statistics data.