Traffic inclusion and exclusion policies

The system passively captures all traffic data that leaves a network tap or mirror port, including the hits that do not relate to the experience of your end users. For example, traffic generated from inside your organization (for testing purposes) might not be relevant to your monitoring needs.

To reduce the amount of data that the system must process by eliminating irrelevant traffic, use traffic inclusion or exclusion. It evaluates each hit according to a combination of policies that you configure to decide whether the data is kept or discarded.

Tip

By default, the traffic inclusion/exclusion policies filter unnecessary traffic after it has been captured. To improve system performance, BMC recommends to pre-filter traffic by an upstream device, such as a load balancer, network tap, or security appliance (SSL).

The following topics describe how you can use inclusion and exclusion policies:

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*