User Investigation
The User Investigation area of SSH Hunter provides information that centers around user aspects of SSH key data that is collected by Sandfly.
Table View
The principle page offers username search capabilities and lists all users with discovered SSH key data in an easy to use table.
![SSH Hunter - User Investigation Data Table SSH Hunter - User Investigation Data Table](https://files.readme.io/3ce76ca-user_investigation-datatable.png)
SSH Hunter - User Investigation Data Table
Single clicking on the primary data value or double clicking on a row of data, excluding the buttons in the Actions column, will open a page that contains additional details associated to that entry.
Detail View
Under the Visualization tab the nodes in the Explorer section can be expanded and the panel can be zoomed or moved around in order to follow the relationship between keys, users, and hosts. Below the Explorer is the Key Use Timeline showing key quantities on that host over time.
![SSH Hunter - User Summary View SSH Hunter - User Summary View](https://files.readme.io/5f4dd86-user_investigation-summary.png)
SSH Hunter - User Summary View
Individual hosts and their key entries are displayed in a table under the Hosts & Key Entries tab.
![User Summary - Hosts & Keys Entries User Summary - Hosts & Keys Entries](https://files.readme.io/f277e6c-user_investigation-hosts_tab.png)
User Summary - Hosts & Keys Entries
Updated 17 days ago