June 27, 2022

How historical data insights give us great analytical capabilities

Tools that analyse historical data come to the rescue when we need to know how many internet connections there are now or will be tomorrow.

Piotr Kałuża

Solution Architect

When we hear about threats and increased cyberattacks originating from a country or region, we want to know whether we are also affected by these attacks. We can then use a number of tools that, with the help of geolocation mechanisms, will indicate the origin of the network traffic. However, this is only half the story.

If we know how many such connections there are now, how can we estimate whether there are more or fewer than there were a week or a month ago? Fortunately, tools built on long-term data retention come to the rescue. With such tools, we can study not only the current level of traffic, but also analyse traffic from many months ago. Historical data insights give us great analytical capabilities and allow us to have a complete view of historical traffic.

1. Know your current traffic levels

The first thing we should do is prepare a Widget that will show us the current volume of traffic to and from the countries we want to monitor. Widgets are created with a special wizard that guides you through the entire process: choosing the method of data presentation, selecting the data itself, and setting the resolution at which you want to analyse the data.

The Widget allows us to plot minimum, average and maximum traffic levels on a graph.

2. Analysis of historical data

Having prepared the Widget, we can place it on the Dashboard and then analyse the data at different intervals of interest. You can choose from the most popular time periods such as last day, week or month. We can also select the time interval manually.

3. Prepare a notification and alert system

In order not to keep track of these values all the time, we can prepare an Alert that will be triggered when the values we specify are exceeded. The way you create an Alert is similar to how you create a Widget. The main difference is that we need to define the thresholds above which the Alert will be triggered.

The triggered Alert will be visible in the Alerts table. We can also receive this notification by email, which will make our lives even easier.

Sycope can serve not only as a system for analysing network traffic data. It can also be used to build an early warning system for volumetric threats in network traffic. Thanks to this, we do not have to constantly observe the state of our network, because we receive information about exceeding the defined thresholds via email.
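The three steps above can be reproduced outside any product to see what the comparison actually computes. The following is an added example, not Sycope code: it derives minimum, average and maximum connection counts per country for the last day, compares them with the preceding week, and raises alerts on thresholds. The country codes `AA` and `BB`, the sample data, the 2x ratio and the static limit of 300 are all assumptions made for illustration.

```python
from datetime import datetime, timedelta
from statistics import mean

NOW = datetime(2022, 6, 27, 12, 0)          # constructed "current time"
DAY, WEEK = timedelta(days=1), timedelta(days=7)

def constructed_samples():
    """Hourly connection counts per country for the last 8 days (constructed data)."""
    rows = []
    for hours_ago in range(1, 8 * 24 + 1):
        ts = NOW - timedelta(hours=hours_ago)
        recent = hours_ago <= 24
        rows.append((ts, "AA", 100 + hours_ago % 5))                      # steady traffic
        rows.append((ts, "BB", (400 if recent else 50) + hours_ago % 7))  # surge in last day
    return rows

def stats(samples, country, start, end):
    """(min, avg, max) of one country's samples with start <= ts < end, or None."""
    vals = [v for ts, c, v in samples if c == country and start <= ts < end]
    return (min(vals), mean(vals), max(vals)) if vals else None

def check_alerts(samples, countries, now, ratio=2.0, static_max=None):
    """Compare the last day with the preceding week and return triggered alerts."""
    alerts = []
    for c in countries:
        cur = stats(samples, c, now - DAY, now)
        base = stats(samples, c, now - DAY - WEEK, now - DAY)
        if cur is None or base is None:
            continue  # without history we cannot say "more or fewer than before"
        if cur[1] > ratio * base[1]:
            alerts.append((c, "avg above baseline", round(cur[1] / base[1], 1)))
        if static_max is not None and cur[2] > static_max:
            alerts.append((c, "max above static threshold", cur[2]))
    return alerts

if __name__ == "__main__":
    for alert in check_alerts(constructed_samples(), ["AA", "BB"], NOW, static_max=300):
        print(alert)
```

The relative check only works when the baseline window actually contains data, which is why retention length limits how far back a comparison can reach.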
