
The Dashboard shows the following tables:

Top Incidents

The Top Incidents Table shows the top 10 incidents ordered by severity, with Critical incidents at the top, then High, Medium, and Low, and sorted by alert count in descending order.
By default, the table shows the top incidents for one week. Clicking any incident in the table opens that incident's details page. A SOC Manager can see the total incident count in the upper-right corner of the table.

Top Late Incidents

An incident that does not change its state as per the defined SLA is called a late incident.
The Late Incidents Table displays a summary of the top 10 incidents for the last seven days, ordered by severity, with Critical incidents at the top, then High, Medium, and Low. A user can filter the top incidents list by Incident Type.

Filter | Values
Severity | Critical, High, Medium, and Low
Incident Types | All, Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation, Web Application Attack, Anomaly Detection, APT

Highest Loaded Analyst

The Highest Loaded Analyst Table displays the top 10 analysts with their associated incident counts for the last seven days. If two analysts have the same number of associated incidents, the table lists their names alphabetically.
