Kaspersky Industrial CyberSecurity for Networks

Loading traffic for events

July 3, 2024

ID 150811

When viewing the events table, you can load traffic associated with registered events and/or incidents. Traffic is loaded into a PCAP file (when one event is selected) or into a ZIP archive containing PCAP files (when multiple events or incidents are selected).

The capability to load traffic is available if no more than 200 events are selected in the events table (including events within incidents).

Traffic for events is loaded from the application database. The database saves traffic only when registering events for which traffic saving is enabled. The application can also save traffic in the database directly by requesting to load traffic using traffic dump files. These files are intended for temporarily saving traffic and are automatically deleted as more and more traffic is received from the industrial network (the frequency of file deletion depends on the amount of traffic received and the defined application data storage settings). To ensure that traffic is loaded, it is recommended to enable the saving of traffic for the relevant event types and configure the settings for saving traffic in the database in accordance with the rate of traffic and registration of events.

To load a traffic file for events and/or incidents:

  1. On the Events and incidents tab in the Events section, select the events and/or incidents for which you want to download traffic.
  2. Click the Download traffic button.
  3. If it takes a long time (more than 15 seconds) to create the file, the file creation operation is transferred to the list of background operations. In this case, to download the file:
    1. Click the Icon in the form of an arrow pointing to the tray. button in the menu of the application web interface.

      The list of background operations appears.

    2. Wait for the file creation operation to finish.
    3. Click the Download file button.

Your browser will save the downloaded file. Depending on your browser settings, your screen may show a window in which you can change the path and name of the saved file.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.