Seqrite HawkkHunt has a variety of reports that give you a bird’s eye view of the security situation in your network infrastructure. The information is spread over 6 widgets, you can scroll down to view the other report information. Navigate to the Reports tab on the HawkkHunt console.
Alerts
The first widget gives information about the number of Alerts and severity over a 7, 15, or 30 day -period on a line chart. The count by severity and total number of devices/endpoints is displayed in upper right corner. Use the Severity filter to display the alerts by severity as required.
Tip: You can navigate directly to the Alerts page with the filter that is applied by clicking the forward facing caret highlighted in yellow as shown below.
Exporting reports
You can now export reports in the PDF or Excel format as required for the selected time frame using the Export as button.
Endpoints
The second part has two widgets as follows: One gives information about the count of affected endpoints over a 7-day period.
The second widget gives other information about the top 5 affected endpoints along with the Hostname. A table in the widget displays the count of alerts based on their current status and severity for respective host.
MITRE attack metrics and remediation
In the third part, in the first widget, information about MITRE attack Metrics, the count of alerts by attack type are displayed in a bar graph on the left.
In the next widget, towards the right side, counts for remediation by Delete or Kill action are displayed date-wise for the past 7 days.
The Total count for devices is displayed in upper right corner. Hover above each graph to view Remediation activity counts for that date.
Active Endpoints
A widget in the 4th part of the reports page displays the count of the active endpoints over the dates for a 7- day period along with the total endpoint count displayed on upper right corner.
Active endpoints are those endpoints that have communicated with HawkkHunt portal over the past 7 days.
