
Stealthwatch Use Cases


Welcome to Stealthwatch Use Cases


Cisco Stealthwatch provides comprehensive network visibility and threat detection for accelerated incident response.  Below are a variety of use cases for your reference.  After reviewing this information, feel free to share your feedback or ask us questions in a new discussion thread.



Compliance, Forensic Investigation, Incident Response, Network Visibility, System Integration, Threat Detection

Community Member

I have some ideas to build off of these. Take cryptomining, for example: I had asked Cisco to add the Stratum protocol as something to filter by. This would be much more effective than trying to trigger off known IPs, known signatures, or even common Stratum ports.

Cisco Employee

Hello Ian,

We very much appreciate your feedback. Stratum protocol detection is scheduled to be added to a Stealthwatch release later this year. Again, thank you for your comment, and if you have any questions or comments, please do not hesitate to contact us.

Cisco Employee

Good stuff John! It is nice to have this material on Cisco communities. I'm definitely interested in better ability to detect crypto mining. Let me know if I can help test.



What are the most common security events that you use in a custom event?


Thanks for your answer.



Ivan E.