Traffic inclusion and exclusion policies
The system passively captures all traffic data that leaves a network tap or mirror port, including the hits that do not relate to the experience of your end users. For example, traffic generated from inside your organization (for testing purposes) might not be relevant to your monitoring needs.
To reduce the amount of data that the system must process by eliminating irrelevant traffic, use traffic inclusion or exclusion. It evaluates each hit according to a combination of policies that you configure to decide whether the data is kept or discarded.
The following topics describe how you can use inclusion and exclusion policies:
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*
