Tagged: Stealthwatch


Python: Stealthwatch and Alarms API

It’s been a while since my last post. So many things going on, but I am still here :) Working with the ISE Monitoring API, I like the option to get errors with code/cause and how/what to check for resolution. I was not able to find any Stealthwatch API for alarm definitions. But there is a cool guide “Security Events and Alarm Categories...


Cisco Stealthwatch Alarming Hosts Investigation

How to get additional information about a host present on the Top Alarming Hosts dashboard. Select Top Reports and another pop-up menu appears with options such as Top Applications, Top Ports, Top Protocols, etc. By default, the query looks at the past 5 minutes. The number of Flows for each application category is a live link. Click on the Flows number...


Cisco Stealthwatch Management Console (SMC) Overview

Cisco Stealthwatch collects and analyzes network data to deliver comprehensive visibility and protection for even the largest and most dynamic networks. Stealthwatch analyzes industry-standard NetFlow data from Cisco and other vendors’ routers, switches, firewalls, and other network devices to detect advanced and persistent security threats such as internally spreading malware, data leakage, botnet command and control traffic, and network reconnaissance. Stealthwatch...