UI tips and tricks - stamparm/maltrail GitHub Wiki
1. Auto-refresh for Maltrail web-page
Users can define auto-refresh period for Maltrail web-page by adding /?refresh=N
in the address line of the browser, where N in seconds. By default, no auto-refresh is given.
For example, /?refresh=30
is given and Maltrail web-page will be automatically refreshed every 30 seconds:
2. Table page change with keyboard
By pressing left or right keys on the keyboard, users can easily switch from one table page to another, without a need to use the mouse.
3. Tags
Summary: Tags mechanism allows users to define specific notes for trails to build personal filters on various threats.
3.1. Creation
Note: When creating a tag or set of tags, use alphanumeric characters.
- To create a new tag or set of tags, do:
- In Maltrail GUI move the mouse to
tags
column. - Press left-mouse button inside a desired cell.
- Write the text you need.
- Finish tag creation by pressing Enter or by clicking somewhere else on the page.
- To create a set of tags, repeat 1)-4) by a number of tags you need for the current trail:
3.2. Deletion
To delete a target tag, move the mouse on it and press middle-mouse button/mouse-wheel.
3.3. Modification
Tags can only be deleted or created.
3.4. Filtering
User can filter Maltrail detection list with one or several tags by clicking on the respective tag in series:
In this example, has clicked in series tag1
, tag2
, and tag_3
respectively to build a relevant filter for Maltrail detection list.
4. Report false positive detection
To report false positive detection to developers one can do in several ways:
- By creating an Issue with a brief description of why Maltrail detection incorrect is.
- By creating a Pull request with patch and a brief description why Maltrail detection incorrect is.
- By right-mouse click inside the GUI on a respective line and choosing
Report false positive
option. Details will be sent to Maltrail developers for additional analysis.
5. Hide specific threat
In case, if you want to hide a threat from the detection list, do right-mouse click on a respective line and choose Hide threat
option.
To revert hidings, one should do Tools -> Flush local storage: