Chart explanation
- Purpose
- Identify signs of exfiltration activity. A high number of same-sized requests, and/or large packets are of interest.
- Group by:
- Either group the chart by Process, Host or Target.
- Min. request count
- Filter out the background noise of requests to identify problems more easily.
- Min. request length:
- Filter out irrelevant request lengths to identify problems more easily.