The Overview page
- Findings and alert count
- Top recent alerts
- Top recent findings
- Detectors
Each section provides a summary description for each element of Security Analytics, along with controls that let you take action for each item.
The upper portion of the Overview page contains two control buttons for refreshing information and getting started with Security Analytics. You can select the Refresh button to refresh all of the information on the page.
- In step 1 of setup, select Create detector to define a detector.
- In step 2, select View findings to go to the Findings page. For details about this page, see .
- In step 3, select View alerts to go to the Security alerts page. For details about this page, see Working with alerts.
Findings and alert count
The Findings and alert count section provides a graph showing data on the latest findings. Use the Group by dropdown list to select either All findings or Log type.
Recent findings
The Recent findings table displays recent findings by time, rule name, rule severity, and detector. Select View all findings to go to the Findings page.
This section provides a graphical representation of the detection rules that trigger findings most often, showing how each rule compares to the others as a percentage of the whole. The rule names represented in the graph are listed to the right.
Detectors
The Detectors section displays a list of available detectors by detector name, status (active/inactive), and log type. Select View all detectors to go to the Detectors page. Select Create detector to go directly to the Define detector page.