User Interface

This section provides details about the Sandfly UI.

Results Top Bar and Filter
Results Top Bar: The bar at the top of the results view has several features that will help you manage and view alerts. Result...
Thu, 23 Dec, 2021 at 10:06 AM
Viewing Results
Sandfly constantly looks at your Linux hosts for signs of compromise or other suspicious activity. Anything it finds is reported as an alar...
Thu, 23 Dec, 2021 at 10:11 AM
Deleting Results
You can delete alerts by selecting them with their checkboxes and then using Bulk Actions Delete in the right corner. Alternatively, you can delete all of the...
Thu, 23 Dec, 2021 at 10:13 AM
Sandfly Hunter
Sandfly Hunter is a way to quickly search for common pieces of threat data that may be present on your hosts. This is a powerful feature of Sandfly which ca...
Thu, 23 Dec, 2021 at 10:16 AM
Scan
Scanning Hosts Manually: Although Sandfly is designed to work automatically to constantly scan for threats, you can also use it to do manual spot checks to ...
Thu, 23 Dec, 2021 at 10:19 AM
Scheduler
Scheduling on Sandfly works differently than what you may be used to. Instead of fixed times, Sandfly uses a unique random scheduling mechanism. Setting up ...
Thu, 23 Dec, 2021 at 10:22 AM
Adding Schedule
Adding a schedule is simple. Click on the Add button and fill in the following fields: Name - Name of this sch...
Thu, 23 Dec, 2021 at 10:25 AM
Viewing Schedule
You can view all active schedules by clicking on the View option. The schedule will show the lower and upper delays, sa...
Thu, 23 Dec, 2021 at 10:27 AM
Pausing and Deleting Schedule
Pausing a Schedule: You may want to pause a schedule for maintenance and administration reasons. Simply click on the schedule you want to pause and click th...
Thu, 23 Dec, 2021 at 10:30 AM
Sandflies
Sandflies are the heart of the Sandfly system. Sandflies are small pieces of code that are highly targeted for specific investigation and forensic evide...
Thu, 23 Dec, 2021 at 12:23 PM