Computers

In this tab, a user can see information regarding Computer statistics.

Information and functionality available in this section:

Detections on Computers—here, you can see the graphical intersection of Resolved Detections and Unresolved Detections on all computers. Hover the bubble to see the intersection (count) of computers that meet the condition of resolved or unresolved detections. Above bubble, there is the number of Resolved/Unresolved Detections, which is within a certain range (for example [8,16)/[2,4) means Unresolved Detections count from 8 to 16 excluded. Resolved Detections count from 2 to 4 excluded). Click the bubble, and you will be redirected to the Computers tab

Computer statuses—this section shows a pie graph of computers sorted by statuses (Threat Alarm_Severity_Threat, Warning Alarm_Severity_Warning, Informational Alarm_Severity_Info, Ok Executables_Status_Ok,Unmonitored Executables_Status_Unmonitored). By clicking the part of the pie graph, you are redirected to the specific Computers list with the selected filter

Problematic Computers—this section provides a list of problematic computers. Click the name of a problematic computer to be redirected to the Computer details section. Right-click computer name or left click anywhere else on the row, brings up a context menu with the following options:

oDetails—the same as Computer Details when clicking the name of a problematic computer

oDetails (New Tab)—redirect to the Computer Details in a new tab

oDetections—redirect to the Computer detections tab

oExecutables—redirect to the Computer executables tab

oScripts—redirect to the Computer scripts tab

oEvents—redirect to the Computer events tab

Information in the Problematic Computers section can be organized in the following columns:

Computer—the name of the problematic computer

Unresolved (Unique)—total count of unique unresolved detections

Unresolved—total count of all unresolved detections

Threats (Unique)—total count of unique unresolved threat detections

Threats—total count of all unresolved threat detections

Warnings (Unique)—count of unique unresolved warning detections

Warnings—total count of all unresolved warning detections

Information (Unique)—total count of unique unresolved informational detections

Information—total count of all unresolved informational detections

Resolved Detections—total count of resolved detections with no regard to severity

Additional filters

The additional filters are accessible by clicking the ADD FILTER button or clicking on a space next to the add filter button, where the list of available filters shows. The user can search filter by typing its name or selecting from the list. For the definitions of the additional filters, follow here.

Some of the filters have a funnel icon next to them with two or four possible predefined options:

Unknown—the value in the filtered column is not available (probably not a known value at the time of occurrence)

Known—the value is available

None—value is an empty string

Any—the value is not empty. The negation of None filter

If present on the screen you, can refresh the table by clicking the refresh iconAlarms_Refresh. If available, the export icon Export_CSV can be used to export the table grid to CSV format and use it in other applications to work with the list.

If present, click the PRESETS button to manage filter sets. These options are available:

Save filters—allows you to save the actual filter set. Select the check box Include the visible columns and sorting to save also this setting of your selection, otherwise when loading saved filter without this option selected will end up by showing you the default column setting

Reset filters—resets active filter and return to default filter setting with default column setting

Reset view—resets the active view without resetting the filter set

Manage—allows you to manage your filter sets

Save Filters as Rule—if available, allows you to save the filter as a rule. You can find it then in the list of rules under the Detection rules sub-tab of the admin tab

Columns

Columns can be reorganized by using the Columns_Move icon that appears on the right side of the column name when you hover the mouse over the column name.

The width of the column can be re-sized by the Column_Resize icon that appears on the left side of the column name when you hover the mouse over the column name.

The order of the columns can be organized by clicking the name of the column:

Default (No icon)

Ascending Column_Ascending

Descending Column_Descending

You can change which columns are displayed after clicking the gear icon and selecting the Select column option, or you can reset the view to default by clicking the Reset columns option. You can use Enter quick search pattern—here, you can search for the column by typing its name or a couple of letters from it. Useful if the list of columns is long. For the definitions of the columns follow here.