UI tips and tricks

1. Auto-refresh for Maltrail web-page

Users can define auto-refresh period for Maltrail web-page by adding /?refresh=N in the address line of the browser, where N in seconds. By default, no auto-refresh is given.

For example, /?refresh=30 is given and Maltrail web-page will be automatically refreshed every 30 seconds:

2. Table page change with keyboard

By pressing left or right keys on the keyboard, users can easily switch from one table page to another, without a need to use the mouse.

3. Tags

Summary: Tags mechanism allows users to define specific notes for trails to build personal filters on various detection recognition.

3.1. Creation

Preambule: When creating a tag or set of tags, one should remember, that Maltrail tag mechanism supports Latin alphabet symbols and _ sign only. Symbols of other alphabets and math-signs are ignored.

To create a new tag or set of tags, do:

In Maltrail GUI move the mouse to tags column.
Press left-mouse button inside a desired cell.
Write the text you need.
Finish tag creation by pressing Enter or by clicking somewhere else on the page.

To create a set of tags, do 1)-4) by a number of tags you need for the current trail:

3.2. Deletion

To delete a target tag, move the mouse on it and press middle-mouse button/mouse-wheel.

3.3. Modification

Tag can only be deleted or created.

3.4. Filtering

User can filter Maltrail detection list with one or several tags by clicking on the respective tag in series:

Here the user has clicked in series tag1, tag2, and tag_3 respectively to build a relevant filter for Maltrail detection list.

4. Report false positive detection

In case, if you sure, that Matrail does a false positive detection, you can inform Matrail developers in several ways:

By putting an Issue with a brief description of why Maltrail detection incorrect is.
By putting a Pull request with patch and a brief description why Maltrail detection incorrect is.
In Maltrail GUI right-mouse click on a respective detection line and choosing "Report false positive" option. Details will be sent to Maltrail developers for additional analysis.

5. Hide specific threat

In case, if you want to hide some threat in Maltrail detection list, do right-mouse click on a respective detection line and choose "Hide threat" option.

To revert hidings, one should do Tools -> Flush local storage:

FAQ - Frequently Asked Questions
Trail classes - Information about different classes of trails
Specific detections - Information about Maltrail specific detections
Maltrail trails structure - Information about Maltrail trails structure
Maltrail trails base format - Information about Maltrail trails base format
Maltrail trails contribution - Information about Maltrail trails contribution
Maltrail detection nuances - Information about Maltrail detection nuances
Maltrail verdicts on Validin Threat Hunting and DNS Enrichment Platform - Information about Maltrail verdicts on Validin Threat Hunting and DNS Enrichment Platform
UI tips and tricks - Brief list of user interface features
CLI management for Maltrail - Information about CLI management for Maltrail
Miscellaneous - Miscellaneous HOWTOs

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

UI tips and tricks

1. Auto-refresh for Maltrail web-page

2. Table page change with keyboard

3. Tags

3.1. Creation

3.2. Deletion

3.3. Modification

3.4. Filtering

4. Report false positive detection

5. Hide specific threat

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Contents

Clone this wiki locally