The Alerts Dashboard area on the upper right displays a horizontal colored bar showing the percentage of high severity alerts in red, medium severity in orange and low severity in yellow, each in proportion to the total alert count. Below the colored bar, the total count of alerts generated in the last 7 days is displayed. The breakup of the total count is shown in three rows: the first row shows the count of System and Custom alerts, the second row shows the count by severity, and the last row shows the count of Open and In-Progress alerts.
The section towards the lower right displays details for the most recent Open and In-Progress alerts: the date and time the alert was generated, its status, the affected process name, the host name, the type of alert, the source of the alert and the attack tactic.
An alert is associated with the following attributes and values.
| Attributes | Values |
|---|---|
| Alert Types | Custom / System |
| Source | EDR / Anomaly |
| Tactics | Reconnaissance / Resource Development / Initial Access / Execution / Persistence / Privilege Escalation / Defense Evasion / Credential Access / Discovery / Lateral Movement / Collection / Command and Control / Exfiltration / Impact |
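The following Python script is an added example, not code from the product documented here. It shows how the figures described above can be derived from raw alert records: it validates each record against the attribute table (alert type, source, tactic), then computes the 7-day total, the per-type, per-severity and per-status breakup, the percentage shares behind the colored severity bar, and the newest-first list of Open and In-Progress alerts. The record field names, the severity labels `High`/`Medium`/`Low`, the `Closed` status and all sample alerts are constructed assumptions for the example.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

# Permitted attribute values, taken from the attribute table on this page.
ALERT_TYPES = {"Custom", "System"}
SOURCES = {"EDR", "Anomaly"}
TACTICS = {
    "Reconnaissance", "Resource Development", "Initial Access", "Execution",
    "Persistence", "Privilege Escalation", "Defense Evasion", "Credential Access",
    "Discovery", "Lateral Movement", "Collection", "Command and Control",
    "Exfiltration", "Impact",
}
# Severity and status spellings are assumptions: the page names three severity
# levels and two active statuses but not how they appear in the data.
SEVERITIES = ("High", "Medium", "Low")      # red / orange / yellow on the bar
ACTIVE_STATUSES = {"Open", "In-Progress"}
STATUSES = ACTIVE_STATUSES | {"Closed"}     # "Closed" is assumed

NOW = datetime(2024, 6, 15, 12, 0, tzinfo=timezone.utc)  # constructed reference time

# Constructed sample alerts; the last one falls outside the 7-day window.
SAMPLE_ALERTS = [
    {"id": 1, "time": NOW - timedelta(days=1), "type": "System", "source": "EDR",
     "severity": "High", "status": "Open", "tactic": "Credential Access",
     "process": "proc-a.exe", "host": "ws-01"},
    {"id": 2, "time": NOW - timedelta(days=2), "type": "Custom", "source": "Anomaly",
     "severity": "Medium", "status": "In-Progress", "tactic": "Discovery",
     "process": "proc-b.exe", "host": "ws-02"},
    {"id": 3, "time": NOW - timedelta(days=3), "type": "System", "source": "EDR",
     "severity": "Low", "status": "Open", "tactic": "Persistence",
     "process": "proc-c.exe", "host": "srv-01"},
    {"id": 4, "time": NOW - timedelta(days=6), "type": "System", "source": "EDR",
     "severity": "High", "status": "Closed", "tactic": "Lateral Movement",
     "process": "proc-d.exe", "host": "srv-02"},
    {"id": 5, "time": NOW - timedelta(days=10), "type": "Custom", "source": "Anomaly",
     "severity": "High", "status": "Open", "tactic": "Exfiltration",
     "process": "proc-e.exe", "host": "ws-03"},
]


def validate_alert(alert):
    """Return a list of problems; an empty list means the record matches the attribute table."""
    problems = []
    checks = (
        ("type", ALERT_TYPES), ("source", SOURCES), ("tactic", TACTICS),
        ("severity", set(SEVERITIES)), ("status", STATUSES),
    )
    for field, allowed in checks:
        if alert.get(field) not in allowed:
            problems.append(f"{field}: {alert.get(field)!r} not in {sorted(allowed)}")
    if not isinstance(alert.get("time"), datetime):
        problems.append("time: missing or not a datetime")
    return problems


def summarize(alerts, now, window_days=7):
    """Aggregate the dashboard figures for alerts generated in the last `window_days` days."""
    cutoff = now - timedelta(days=window_days)
    recent = [a for a in alerts if a["time"] >= cutoff]
    total = len(recent)
    by_severity = Counter(a["severity"] for a in recent)
    by_status = Counter(a["status"] for a in recent)
    return {
        "total": total,
        "by_type": dict(Counter(a["type"] for a in recent)),
        "by_severity": {s: by_severity[s] for s in SEVERITIES},
        # Share of each severity in the colored bar, as a percentage of the total;
        # an empty window yields 0.0 rather than a division error.
        "bar_percent": {s: (100.0 * by_severity[s] / total if total else 0.0)
                        for s in SEVERITIES},
        "by_status": dict(by_status),
        "open_or_in_progress": sum(by_status[s] for s in ACTIVE_STATUSES),
    }


def active_alerts(alerts):
    """Open and In-Progress alerts, newest first, as shown in the lower-right detail pane."""
    return sorted((a for a in alerts if a["status"] in ACTIVE_STATUSES),
                  key=lambda a: a["time"], reverse=True)


if __name__ == "__main__":
    for a in SAMPLE_ALERTS:
        for problem in validate_alert(a):
            print(f"alert {a['id']}: {problem}")
    summary = summarize(SAMPLE_ALERTS, NOW)
    print(summary)
    for a in active_alerts(SAMPLE_ALERTS):
        print(a["time"].isoformat(), a["status"], a["process"], a["host"],
              a["type"], a["source"], a["tactic"])
```

Running the validator before aggregating matters in practice: a record whose tactic is misspelled (for example `Defense/Evasion` instead of `Defense Evasion`) would otherwise be counted in the totals but silently fall out of any per-tactic view.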
You can scroll up or down to view the information for earlier alerts.