Versions Compared

Version Old Version 6 New Version 7
Changes made by

David Ruel

David Ruel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Main Help Menu

Live Search
spaceKeyIH
placeholderLooking for something specific?

Company Profile

Fortune 250 Manufacturing Company

Problem

Company suspects that field engineers are using company assets to perform non-sanctioned side-jobs.   Investigators can’t access field engineers machines to examine log files, without tipping them off, unless they’re VPN’ed into corporate network.    Field engineers VPN in to get email, but disconnect before investigators can collect logs.

 

Solution

Heureka Interrogate can search, analyze and collect data from machines over any internet connection.

 

While field engineers don’t connect to VPN often, they do

however

establish

a

regular internet

connection

connections and remain online.

 

Heureka automatically collects log files from target machines as soon as they become available online.

 

Investigators are able to covertly discover company asset misuse without notifying end-users.


Interrogate Workflow #1

Heureka's endpoint service runs in the background and will check for a search/collect request regardless of geographic location. The endpoint simply needs an internet connection to receive a command from Interrogate. For this use case, you will simply need to create a search looking for a specific file type.

NOTE: Because Heureka's endpoint indexer can be customized to any folder on the file system, it is possible to tune the index to only point to the desired log file location thus greatly speeding up the indexing and return of information to Interrogate.

  1. Select endpoints from the grid
  2. Select "Create Search from Selected Endpoints" in the Endpoints grid
  3. Select a pre-existing job in which to place the search
  4. Edit/change the automatically created search criteria
  5. Select "Search" and input name.
 

Analyze

Once the endpoint(s) begin to stream results back to your search result page, you will  see file-level information such as File Name, Risk Score, Tags, File Path, etc, in the Grid Results area.

Take Action

You may export your returned results using the "Export to CSV" function. This flat-file CSV can then be imported to any desired analytics program for further analysis. If you are required to collect the files to a new location, use the "Collect Files" function.