Dashboard

Provides an overview of your enterprise IT environment state concerning security. The Dashboard includes essential information in each tab (Detections, Executables, Computers, More, Server status and Events load).

The Detections is the main screen of the Dashboard that you see every time you click Dashboard. It displays statistical information about the top 10 unresolved detections categorized by their severity, as well as the timeline of detections. The Detections screen indicates any potential or existing attacks, what kind of detections were triggered, or if false positives flood needs to be taken care of by optimizing the detections.

The statistics screens are interactive. Click the pie charts, graphs and other items to see further information. The dashboard includes your ESET Inspect current performance under the Server status and Events load tabs. All of these dashboard screens aim to help you identify what may require your attention.

Use a Time filter within the statistics tabs. Specify the period (day, week, month) to filter statistical information.

Use the Dashboard tabs to switch between the screens:

icon_detections_b  Detections

Displays detection statistics:

Top 10 Unresolved Threat and Warning Detections

Top 10 Unresolved Informational Detections

Threat and Warning Detections

Informational Detections

Click the slice of a pie chart (or the threat name of listed detections) you are interested in, and the Detections table opens with relevant items filtered for you to review. If needed, you can further refine the list of items by using additional filters (for example: occurred time). Click the detections per day graph to get a list of detections occurred that day.

 

icon_executables_b  Executables

The Executables tab shows a hit-map of all discovered executables within your environment. The executables are displayed graphically as an intersection of Network & LiveGrid® popularity showing the file count. This view should help you distinguish safe or well-known executables from unique ones. The unique executables may indicate a targeted attack. Problematic Executables lists executables with suspicious behavior grouped by the number of detections (total and unique).

Executables popularity - The bubbles contain file count that meet the following two conditions:

LiveGrid® Popularity - How many computers reported an executable to the LiveGrid®. Red is evaluated by the LiveGrid® as malicious, Yellow as suspicious, Green as safe.

Network Popularity - The number of computers which have the module in the enterprise.

Click a bubble for a list of executables filtered by popularity:

Executable status - Shows the count of unresolved detections and executable status. Click the pie graph, or the status type (OK, Warning, Info, Threat), for a list of executables filtered by the status.

Problematic Executables - Lists problematic executables detected. Click an executable to see its details.

 

icon_computers_b  Computers

Identifies computers with a potential risk, indicating that further investigation of suspicious behavior may be required.

Detections on Computers - Graphical intersection of Resolved Detections and Unresolved Detections on all computers. The bubble shows computer count and of Resolved/Unresolved Detections, which is within a certain range (for example [8,16)/[2,4) means Unresolved Detections count from 8 to 16 excluded. Resolved Detections count from 2 to 4 excluded). Click the bubble, and you will be redirected to the Computers tab.

Computer statuses - Shows a pie graph of computers sorted by statuses. By clicking the part of the pie graph, you are redirected to the specific Computers list with the selected filter.

Problematic Computers - Provides a list of problematic computers. Click the name of a problematic computer to be redirected to the Computer details section.

 

icon_more_b  More

Information and functionality available in this section. After clicking on the part of the pie graph, the Detections list with specified Severity filter is listed.

Unresolved Detections severity  - Threat , Warning , Informational.

Unresolved Detections priority - No Priority, Priority I to III.

Resolved/unresolved detections  - Total number of Resolved/Unresolved detections.

Last connection - Shows how many Computers were connected to ESET Inspect Server recently (Today, Last Day, More than 2 days).

Received Events From Today - Average value of events on all monitored computers.

ESET Inspect Connector version - Shows the versions of ESET Inspect Connector installed on all computers.

 

icon_server_status_b  Server status (available in the the on-premises version only)

Displays information regarding the Server statistics an overview of the ESET Inspect Server usage. There is also a server status that indicates whether the ESET Inspect environment is in normal health and all system services are running correctly, without excessive use of system resources.

CPU Time

Memory Usage

Networking

Events Processed per Second

Event Packet Queue Length

Hover over a graph to see more information


note

If the SQL database is installed on a different machine than ESET Inspect Server, the information regarding CPU Time and Memory Usage of SQL is not shown.

 

icon_events_load_b  Events load (available in the on-premises version only)

Shows information about the database size and amount of low-level events reported to and processed by ESET Inspect. A low-level event is something a process does. So, write a file, do a DNS lookup, create a registry entry, etc. ESET Inspect analysis low-level events to find suspicious activities and report detections. Low-level events account for most of the database size, so use Event Filters to selectively not store some events and reduce the disk usage. The charts on this page helps find executables that report most of the events and possibly filter them out. Information and functionality available in this section:

Events processed and stored per computer - Shows an average number of low-level events received from a computer and stored in the database. The difference between received and stored values are caused by using Event Filters or configuring ESET Inspect not to store all data. Failed purge can indicate a problem with the disk space running low on the database machine, as this process also need free space to be successfully finished.

Database size - Shows estimated database size and current free disk space.

Events per executable instance - Shows the number of events executed per executable instance on a single computer.

Events per executable - Shows the number of events executed by the executable on all computers within the network.

Top executable instances - Shows the list of executable instances, sorted by the highest events count on a specific computer.

Top executables - Shows the list of executables, sorted by the highest events count within the whole network.

The option to filter events is available through the Executables tab.