Skip to main content

Public Link sharing

Overview

info

Public Links = Link sharing + Access Filters + Public access

Public Link sharing feature allows you to share an analysis session of Spider to anyone, without requiring them to own an account or to have the same access then you.

With Public Links, you may:

  • Select a range of time to share
  • Select a set of data using Spider standard filters
  • Select who you want to share this Public Link with:
    • A set of emails
    • A set of email domains
    • Anyone - free access

Use cases

  • Temporary share limited production data access for troubleshooting
  • Temporary share integration / production environment access for third parties on their own communications
  • Temporary share access for demos

Required permissions

To be able to create a Public Link, you must have the Publish permission.

  • A direct Publish permission on a Whisperer allows to share a Public Link on it, using Team or not.
  • A Publish team permission allows to share a Public Link on Whisperers owned by the team.
note

The Publish permission do not allow sharing for Whisperers being shared to the team.
In this case, you must have the Publish permission on the Whisperer itself.

Security considerations

As the data captured by Spider may be containing personal information, business data or even credentials, on top of filtering data access with Access Filters, you do not want anybody to be able to access them, and you want to track the access.

Public Link features do both.

Authenticated connection flow

To connect to a Public Link,

  • You have to enter your email address.
  • A One Time Password is sent to the provided email, valid only 2 minutes
  • You must then enter this OTP to connect to Spider.

This, only authenticated users may connect.

On top of this, you may specify white lists to validate the provided email address with.

  • a list of emails
  • or a list of email domains

In such cases, only valid emails will allow to connect using this Public Link. Avoiding the risk of temporary email addresses usage.

Access tracking

When a user logs into Spider using a Public Link, its access is tracked and may be audited afterwards in the Public Links details, with:

  • Email of the person that connected
  • Date of connection

Emails are valid ones, as they are used to receive the OTP required to connect.

Creating a Public Link involves more work than a 'private' link.

  • You have to set who you want to share it with
  • You have to validate or adjust the associated Access Filters

Initiate

  1. Click the share icon to open the Share a link pop in.

CreatePublicLink.png

  1. Click Create a Public Link button to open the creation form

CreatePublicLinkForm-Overview.png

The Link overview section shows a summary of the link that will be shared.

  • Whisperers, date range and current state are taken from the UI state when you clicked on Create a Public Link button
  • Access filters shows if you had an Access Filter defined at team level when creating the link.
    • These filters would then be merged with any additional filters you may add.

Choose public or limited access

CreatePublicLinkForm-Target.png

The Target section let you decide who the link will be accessible to.

FieldDescription
AccessChoose between limited access (from a whitelist list), or a free access (anybody).
Email domainsLimit who may connect by accepting only a list of emails domains. Domains have to start by '@'.
EmailsLimit who may connect by accepting only a list of emails addresses.
Send email with linkWhen limiting to a set of emails, the Public Link may be sent to these addresses will selecting this option.
TTLYou may limit the validity of this link by selecting a Time To Live duration.

CreatePublicLinkForm-TargetFilled.png

Limit data access

The Restrict data access section let you define Access Filters to limit data access available through the link.

By default:

  • Access is limited to the time range of the current timeline zoomlevel (and not its selected part) - cannot be changed
  • Access is limited by existing Access Filters - cannot be changed
  • Access is limited to current protocol View and current selected filters

The latter may be changed:

CreatePublicLinkForm-DataAccess.png

You may:

  • Allow or not each View
  • Define a filter for each (or copy the currently active one)
  • For HTTP view:
    • Restrict access to payloads
    • Hide specific HTTP headers

CreatePublicLinkForm-DataAccessFilled.png

::: tip
As the embedded UI state of the link will not change, you may change view to select and test filters that you want to assign to the Public Link.
The Copy Active button will only allow copying from and to current view. :::

Click Save to create the link.

  • A new Link URL section appears with the link address available for copy.
  • You may click the copy button to copy the link to the clipboard.

CreatePublicLinkForm-Link.png

The link may be shared by any means you wish or sent by Spider to the recipients emails:

LinkMail.png

Login

  1. Clicking on the link opens Spider Login UI on a a specific page:

Login-LinkAccess.png

You validate your email address, which is prefilled when clicking on the link from Spider email.

  1. Upon validation, Spider check that your email is authorized for this link, and send you a One Time Password.

OtpMail.png

  1. This OTP is to be given in input to the previous form.

Login-LinkAccess-OTP.png

  1. On validation, you are redirected and connected to Spider!
note

The OTP is only valid 2 minutes.
If ever you missed the OTP email, you may ask for a new one until the TTL of the link is reached.

  • Click cancel to come back to OTP emission.

Validate terms

If you have never used a Public Link before, you will be presented with explanation and tips, and will be asked to validate terms & conditions.

Terms.png

You must accept terms to access Spider.
Date of acceptation is saved in Floocus central system for tracking.

Network view specific limits

Spider is now in Public Link mode and has restricted features:

  • No Teams access
  • No Controller access
  • No saved settings
  • No access to users personal data
  • Limited access to current Whisperer status
  • Read only on all configuration aspects
  • Etc...

A top level Public Link filter informs you when using a Public Link:

PublicLinkFilter.png

Spider allows you to browse, search and manage existing Public Links.

Browse

To access existing Public Links, click Manage Links on the Share a Link pop-in.

ManageLinks.png

It opens the Details panel with the list of existing Links:

  • That you have created - for standard users
  • All Public Links - for administrators

Links are folded by default and informs:

  • if the link is still active
  • If the link is using whitelisting of emails / domains or if it is free access - The locked / unlocked icon.
  • What Whisperers are shared
  • The time range of the Public Link

Details

Once unfolded, you have access to the details of the link:

  • Share URL
  • Who created it and when
  • Data access restriction:
    • Whisperers
    • TimeRange
    • Access filters
  • Access limitations

ManageLinks-Details.png

Details are also showing the usage of the links:

  • Who used it and when.

ManageLinks-Details-Unfolded.png

note

Public links are purged based on their creation date. By default, 3 months after creation.
If you need longer auditability of usage, you may change the maxAge maintenance purge parameter.

The Public Links Details panel includes a Search input as it is the case for User, Teams, Controllers etc.

This input:

  • Understand Lucene syntax to search for Public links
  • Features auto-completion & syntax-highlighting
  • May be filled with quick filters icon in from the Public Links details

ManageLinks-Search.png

Delete

You may delete a Public Link at any time by clicking (twice) on the DELETE button.