The Network Rules tab (Admin > Services > select a Decoder and click > View > Config > Network Rules tab) enables you to manage network rules. NetWitness Platform applies network rules at the packet level. Network rules consist of rule sets from Layer 2, Layer 3, and Layer 4. Multiple rules can be applied to the Decoder. Rules can be applied to multiple layers (for example, when a network rule filters out specific ports for a specific IP address). Network rules apply only to Network Decoders.
- Configure Common Settings on a Decoder
- Configure Decoder Rules
- Services Config View - Rules Tabs
The following figure shows the Network Rules tab.
The following figure shows the Rule Editor dialog for a network rule.
The following table describes the columns in the Network Rules grid.
The Rule Editor dialog provides the fields and options needed to define a network rule.
The following table describes the Rule Definition fields.
The following table describes the Session Data actions.
The following table describes the session options.
The following table describes Rule Editor dialog actions.