
Barac ETV platform integration with Endace Pivot-to-vision


One time configuration

To enable the Endace pivot-to-vision feature within the Barac platform, some one-time configuration is required.

  1. Log in to the Barac platform
  2. Go to “Configuration” then click “integration config”

Pivot-to-vision configuration page:

As a first step enter the following parameters:

  • Endace probe * (mandatory)
  • Data source (optional with Endace version 6.5.2 or newer)
  • Endace appliance IP address * (mandatory)

Once you click “Save Configuration”, the values are stored and you do not need to type them again every time you generate a URL.


If you want to change the one-time configuration, type the values again and click “Save Configuration”; the stored parameters will be overwritten.

Generating a URL from the integration page

From the configuration page, you can manually specify the period of investigation. To do so you need to set:

  • Start and End time
  • Time Zone:

Also, don’t forget to specify the name of the investigation. Note that the date and time when the URL is generated and when the investigation is created will be automatically added to the investigation name.


Adding Filters

To make the investigation more accurate and more efficient, it’s recommended that you apply filters.

From the following table you can choose which filters to use. Note that you can apply multiple filters simultaneously. Once you click on a filter, a new input field is added. You can add or remove filters as you see fit.


Generating URLs

Once you have filled in all the required fields, click the “generate URL” button and a URL will be generated instantly.


You can “copy” and share the URL of the investigation with whoever you wish. By clicking “open” you can open it in the Endace Vision interface in a new tab.


After opening the Endace Vision interface, you can change the tools and display graphs other than the defaults.


The cyber detection page

The cyber detection page in the Barac ETV Platform lists any breach attempts, sorted by severity from low to critical, with time details.

Users can open an investigation of any breach displayed on this page directly: a single click on the “Endace URL” button shows the detected attack within the Endace Vision page.

Once you click on the “Endace URL” button, the attributes of the breach detected by the Barac ETV platform are automatically taken and used to generate the pivot-to-vision URL and create an investigation for this attack in the Endace Vision console, which lets you analyze the packets and understand more about this breach.

For example, the start and end times of the detected attack, as well as the IP address and ports, are used automatically, so you do not need to add filters and type the values manually.


Note: if you click the “Endace URL” button before you have entered the one-time configuration, you will be redirected to the Pivot to Vision Configuration page.

Conclusion 

After following the previous steps, the Barac-Endace Pivot-to-vision integration will be complete.

Please note that these current steps are as of 4th May 2020 and are subject to change in accordance with any updates to Barac and Endace.