Public Link sharing
Overview
Public Links
= Link sharing
+ Access Filters
+ Public access
Public Link sharing feature allows you to share an analysis session of Spider to anyone, without requiring them to own an account or to have the same access then you.
With Public Links, you may:
- Select a range of time to share
- Select a set of data using Spider standard filters
- Select who you want to share this Public Link with:
- A set of emails
- A set of email domains
- Anyone - free access
Use cases
- Temporary share limited production data access for troubleshooting
- Temporary share integration / production environment access for third parties on their own communications
- Temporary share access for demos
Required permissions
To be able to create a Public Link, you must have the Publish
permission.
- A direct
Publish
permission on a Whisperer allows to share a Public Link on it, using Team or not. - A
Publish
team permission allows to share a Public Link on Whisperers owned by the team.
The Publish
permission do not allow sharing for Whisperers being shared to the team.
In this case, you must have the Publish
permission on the Whisperer itself.
Security considerations
As the data captured by Spider may be containing personal information, business data or even credentials, on top of filtering data access with Access Filters, you do not want anybody to be able to access them, and you want to track the access.
Public Link features do both.
Authenticated connection flow
To connect to a Public Link,
- You have to enter your email address.
- A One Time Password is sent to the provided email, valid only 2 minutes
- You must then enter this OTP to connect to Spider.
This, only authenticated users may connect.
On top of this, you may specify white lists to validate the provided email address with.
- a list of emails
- or a list of email domains
In such cases, only valid emails will allow to connect using this Public Link. Avoiding the risk of temporary email addresses usage.
Access tracking
When a user logs into Spider using a Public Link, its access is tracked and may be audited afterwards in the Public Links details, with:
- Email of the person that connected
- Date of connection
Emails are valid ones, as they are used to receive the OTP required to connect.
Creating a Public Link
Creating a Public Link involves more work than a 'private' link.
- You have to set who you want to share it with
- You have to validate or adjust the associated
Access Filters
Initiate
- Click the share icon to open the
Share a link
pop in.
- Click
Create a Public Link
button to open the creation form
The Link overview
section shows a summary of the link that will be shared.
- Whisperers, date range and current state are taken from the UI state when you clicked on
Create a Public Link
button - Access filters shows if you had an Access Filter defined at team level when creating the link.
- These filters would then be merged with any additional filters you may add.
Choose public or limited access
The Target
section let you decide who the link will be accessible to.
Field | Description |
---|---|
Access | Choose between limited access (from a whitelist list), or a free access (anybody). |
Email domains | Limit who may connect by accepting only a list of emails domains. Domains have to start by '@'. |
Emails | Limit who may connect by accepting only a list of emails addresses. |
Send email with link | When limiting to a set of emails, the Public Link may be sent to these addresses will selecting this option. |
TTL | You may limit the validity of this link by selecting a Time To Live duration. |
Limit data access
The Restrict data access
section let you define Access Filters
to limit data access available through the link.
By default:
- Access is limited to the time range of the current timeline zoomlevel (and not its selected part) - cannot be changed
- Access is limited by existing Access Filters - cannot be changed
- Access is limited to current protocol
View
and current selected filters
The latter may be changed:
You may:
- Allow or not each
View
- Define a filter for each (or copy the currently active one)
- For HTTP view:
- Restrict access to payloads
- Hide specific HTTP headers
::: tip
As the embedded UI state of the link will not change, you may change view to select and test filters that you want to
assign to the Public Link.
The Copy Active
button will only allow copying from and to current view.
:::
Retrieve the link
Click Save
to create the link.
- A new
Link URL
section appears with the link address available for copy. - You may click the copy button to copy the link to the clipboard.
Using a Public Link
The link may be shared by any means you wish or sent by Spider to the recipients emails:
Login
- Clicking on the link opens Spider
Login UI
on a a specific page:
You validate your email address, which is prefilled when clicking on the link from Spider email.
- Upon validation, Spider check that your email is authorized for this link, and send you a One Time Password.
- This OTP is to be given in input to the previous form.
- On validation, you are redirected and connected to Spider!
The OTP is only valid 2 minutes.
If ever you missed the OTP email, you may ask for a new one until the TTL of the link is reached.
- Click cancel to come back to OTP emission.
Validate terms
If you have never used a Public Link before, you will be presented with explanation and tips, and will be asked to validate terms & conditions.
You must accept terms to access Spider.
Date of acceptation is saved in Floocus central system for tracking.
Network view specific limits
Spider is now in Public Link mode and has restricted features:
- No Teams access
- No Controller access
- No saved settings
- No access to users personal data
- Limited access to current Whisperer status
- Read only on all configuration aspects
- Etc...
A top level Public Link filter informs you when using a Public Link:
Managing Public Links
Spider allows you to browse, search and manage existing Public Links.
Browse
To access existing Public Links, click Manage Links
on the Share a Link
pop-in.
It opens the Details panel with the list of existing Links:
- That you have created - for standard users
- All Public Links - for administrators
Links are folded by default and informs:
- if the link is still active
- If the link is using whitelisting of emails / domains or if it is free access - The locked / unlocked icon.
- What Whisperers are shared
- The time range of the Public Link
Details
Once unfolded, you have access to the details of the link:
- Share URL
- Who created it and when
- Data access restriction:
- Whisperers
- TimeRange
- Access filters
- Access limitations
Details are also showing the usage of the links:
- Who used it and when.
Public links are purged based on their creation date. By default, 3 months after creation.
If you need longer auditability of usage, you may change the maxAge
maintenance purge parameter.
Search
The Public Links Details panel includes a Search
input as it is the case for User, Teams, Controllers etc.
This input:
- Understand Lucene syntax to search for Public links
- Features auto-completion & syntax-highlighting
- May be filled with quick filters icon in from the Public Links details
Delete
You may delete a Public Link at any time by clicking (twice) on the DELETE
button.