Abstract: Methods and systems for providing dynamic parallel coordinates visualization of network flows are described. One example method includes identifying protocol metadata associated with a plurality of network flows on a network; analyzing the protocol metadata associated with the network flows to determine one or more metadata attributes associated with the network flows; and presenting a parallel coordinates visualization of the network flows, the parallel coordinates visualization including a plurality of axes, each axis corresponding to one of the determined metadata attributes, wherein each of the network flows is represented as a line interconnecting respective points on each of the axes of the parallel coordinates visualization, and wherein a position of each point on its respective axis represents a value of the metadata attribute associated with the axis for the network flow represented by the line.
Abstract: Methods and systems for providing selective packet capture are described. One example method includes identifying a packet capture rule from a set of packet capture rules, the packet capture rule including a trigger condition and an action to perform when the trigger condition is detected; monitoring a network flow to detect whether the network flow satisfies the packet capture rule's trigger condition, wherein monitoring the network flow includes analyzing one or more packets included in the network flow to determine a set of protocol metadata associated with the network flow; and selectively performing the action associated with the packet capture rule on the network flow based on a result of the monitoring.
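The rule-driven selective capture described in the second abstract, as an added Python sketch that is not taken from the patent. The rule name, the HTTP-only metadata extractor, the constructed sample packets and the choice to retain packets only from the triggering packet onward are all assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass
class Flow:
    metadata: dict = field(default_factory=dict)   # protocol metadata seen so far
    capturing: bool = False
    captured: list = field(default_factory=list)   # packets retained after the trigger
    fired: list = field(default_factory=list)      # names of rules that triggered

@dataclass
class CaptureRule:
    name: str
    trigger: Callable[[dict], bool]    # condition evaluated over the flow's metadata
    action: Callable[[Flow], None]     # performed once when the condition is detected

def start_capture(flow: Flow) -> None:
    flow.capturing = True

def http_metadata(payload: bytes) -> dict:  # toy analyzer: HTTP/1.x requests only
    head = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = head[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return {}                      # not a request line: no metadata from this packet
    meta = {"http.method": parts[0], "http.path": parts[1]}
    for line in head[1:]:
        name, sep, value = line.partition(":")
        if sep and name.lower() in ("host", "user-agent"):
            meta["http." + name.lower()] = value.strip()
    return meta

def monitor(packets, rules):
    flows = {}
    for key, payload in packets:
        flow = flows.setdefault(key, Flow())
        flow.metadata.update(http_metadata(payload))   # analyze packet, update metadata
        for rule in rules:
            if rule.name not in flow.fired and rule.trigger(flow.metadata):
                flow.fired.append(rule.name)
                rule.action(flow)                      # selectively perform the action
        if flow.capturing:
            flow.captured.append(payload)              # includes the triggering packet
    return flows

# Constructed rule and traffic: capture only flows whose client identifies as curl.
RULES = [CaptureRule("scripted-client", lambda m: m.get("http.user-agent", "").startswith("curl/"), start_capture)]
A, B = ("10.0.0.5", "10.0.0.9", 80), ("10.0.0.7", "10.0.0.9", 80)
PACKETS = [(A, b"GET / HTTP/1.1\r\nHost: a.example\r\nUser-Agent: Mozilla/5.0\r\n\r\n"),
           (B, b"POST /upload HTTP/1.1\r\nHost: a.example\r\nUser-Agent: curl/8.4.0\r\n\r\n"),
           (B, b"\x00\x01binary body chunk")]
```

Because the flow's metadata persists across packets, the third packet is retained even though it carries no parsable protocol header of its own.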