It's on the 'Start Traffic' tab when running the Cisco StealthWatch in Sandbox:
Starting CDS Traffic Flow
-------------------------
Once a reservation has setup and reached "Active" state, users can start the CDS traffic flow towards the UDP director.
This is then picked up and displayed my th e Stealthwatch Management Center monitoring.
This sandbox contains the following:
Once the Sandbox reservation has become Active connect to the VPN as instructed in the output window or the email
Brower to the UPD Director and login with admin/C1sco12345
Scroll down on the main page to the interfaces. Note the MAC address of the Eth0 interface.
We now need to start the traffic from the CDS Traffic generator. Ssh root@10.10.20.64 (password is lan1cope)
Once connected, the firstrun script will trigger
Hit n to the configuration XML question
Accept the default hostname for the box
Set domain to lab.devnetsandbox.local
IP address of DNS server is 10.17.248.11
IP address of NTP server is 10.17.251.250
The MAC address for the UDP director is then requested. Enter the MAC from step 3 above in xx:xx:xx:xx:xx:xx notation
The IP address of UDP Director should be set to 10.10.20.63
The IP address of Flow Sensor should be set to 10.10.20.62
The IP address of the Flow Collector should be set to 10.10.20.61
Enter y to accept the setting. A script will run to rewrite the .pcap files, taking just a moment.
Browse to Stealthwatch Management Center GUI and check the flows on the main page. It may take 10 minutes or so to register the traffic flow
cheers
