Hello, does anyone have any instructions or know where I can find any information on how you configure the APM to start looking at traffic? Also, are there any pre-built dictionaries I can download or are we supposed to create our own? I'm having a hard time finding any information outside of the product guide, which doesn't seem to have instructions on how to actually get the ADM to start monitoring traffic. Thank you!
As long as it's monitoring a span port or tap, or similar, it should start producing events for you. There's really not much in the way of configuration that is needed.
I see that you can setup "virtual devices". Do I have to do this to have the ADM analyze traffic? And, if so, do I need to use dictionaries at all or do the rules just automatically apply to the virtual device? Thanks!
I'm not sure where you see the virtual devices. I've never added a virtual device to an ADM, unless you mean a virtual ADM, which is something that you can do.
As far as rules go, there are default rules in the policy editor and you can create new ones as well.
The virtual device is found when you highlight the ADM and then click on the square with the orange plus sign in the upper left hand corner (i'm sure there is a more technical term but I don't know what it is!) I created one, assigned it to one of the interfaces. Once I rolled out policy to everything it started working. Wish I understood better what I did but at least I got it partly working. thank you for your help!