Dashboard

A Dashboard is a set of reports that are automatically updated with new data that give a comprehensive overview of the system's state. Each user with access to the ERAC and a login has an individual set of dashboards that they can fully customize. These settings are stored directly on the server, so the user has access to the same dashboard from any browser.

The dashboard feature uses the ERA HTTP server by default, communication through port 443. The ports and certificates (for HTTPS) can be changed in Advanced Server options in the ERA Console. The Dashboard and the Dashboard connection options can also be accessed from the ERAC Main program window in the toolbar (blue cloud icon).

NOTE: The administrator needs to prepare a template for each report before it can be used in the dashboard. Otherwise, the data in the reports may not be displayed correctly.

NOTE: By default, the Dashboard is started using the https protocol with a self-signed certificate. This may trigger  the following warning message in the web browser: The security certificate presented by this website was not issued by a trusted certificate authority. Note that when using HTTP, your user names and passwords will be transmitted in plaintext. This can be particularly unsafe when using Windows/Domain logins.

The installer can generate a self-signed certificate for you. Some browsers may display a warning when encountering a self-signed certificate. You can also provide your own certificate either during the advanced installation mode or anytime later by the ESET Configuration Editor. The provided certificate can be signed by a trusted certificate authority or using your own certificate root. The following X.509 certificate and private key formats are supported:

ASN ASN.1 DER encoded certificate and key in separate files.

PEM Base64 encoded ASN with extra headers, certificate and key in separate files.

PFX Certificate and private key in a single container file.

It is not possible to use a certificate and a key in different formats.You can change the protocol to http clicking Dashboard (blue cloud icon) in the main program window of the ERAC and then Configure..., or you can define your own certificate (in PEM file format, X.509 base64 encoded) using the ESET Configuration Editor (Tools > Server > Options > Advanced > Edit Advanced Settings... > Remote Administrator > ERA Server > Settings > Dashboards > Local certificate key/Local certificate).

NOTE: The Dashboard also supports IPv6 protocol. For example, http://[::1]:8080.

There is a set of predefined templates (shown below)  for the Dashboard, or you can create a custom template.

Antispam Action Summary – Shows a summary of all antispam engine activity.

Antispam Score composition - Shows the composition of the spam score and the number of rated messages.

Client Connection Overview – Shows an overview of client connections based on the time and the status of their connection.

Client CustomInfo 1 Summary - Shows a comprehensive report with user-defined information (needs to be defined first).

Client CustomInfo 2 Summary – Shows a comprehensive report with user-defined information (needs to be defined first).

Client CustomInfo 3 Summary – Shows a comprehensive report with user-defined information (needs to be defined first).

Clients of Groups Shows the client count of selected groups.

Clients of Groups to All Shows the ratio of client count of selected groups to all overall client count (as a percentage).

Clients with Active Threats – Shows clients with active threats (not cleaned during the scan) along with information about the active threats.

Greylist Action Summary – Shows all greylisted messages and action taken.

Managed and Unmanaged Computers – Shows computers that are currently connecting to the ERA Server (managed computers) and computers that don't (unmanaged computers). This is based on the default search task.

Os Name Summary – Shows the number and the type of client operating systems.

Product Summary – Shows the number and the type of client security products.

Protection Status Summary – Shows the number of clients and their security status.

SMS Spam Progress Shows progress of SMS Spam.

Server Database Load – Shows the complete amount of time the database was used by all threads.

Server Database Queries – Shows the amount of SQL queries performed on the database.

Server Hardware Load – Shows the CPU and the RAM usage of the server machine.

Server Status Monitoring – Shows the server status along with information about the virus database update.

Threats Comparative Progress Progress of malware events by selected threats (using filter) compared with the total number of threats.

Threats Progress Progress of malware events (number).

Threats By Object Number of threat alerts according to attack vector (emails, files, boot sectors).

Threats By Scanner Number of threat alerts from the individual program modules.

Top Clients by Disconnection – Shows top clients sorted by their last connection date.

Top Clients with most Network Attacks Shows top clients with most network attacks.

Top Clients with most SMS Spam Shows top clients with most SMS spam.

Top Clients with most Spam – Shows top clients with most spam messages.

Top Clients with most Threats Lists the most ”active” client workstations (measured by number of detected threats).

Top Greylist Mail Recipients – Shows top recipients of greylisted messages.

Top Greylist Mail Senders – Shows top senders of greylisted messages.

Top Network Attacks Shows top network attacks.

Top Network Attacks Sources Shows top network attack sources.

Top SMS Spammers – Shows top SMS spammers for specified targets.

Top Spam Recipients – Shows top recipients of spam messages.

Top Spam Senders – Shows top senders of spam messages.

Top Threats List of the most frequently detected threats.

Top Threats by Spread Shows top threats by spread.

Top Users with most Threats Lists the most ”active” users (measured by the number of detected threats).

Unregistered Computers – Shows all unmanaged computers - computers that are not connecting to the ERA Server. It also shows the time at which a new unmanaged computer was found.

Existing report templates can be imported/exported from/to an .xml file by clicking Import.../Export... . Name conflicts during the import (existing and imported templates with the same name) are resolved by assigning a random string after the name of an imported template.

To save the settings of defined reports to a template, click Save or Save as… . If you are creating a new template, click Save as… and give the template a name. Clicking Default Templates will reset the predefined templates to their original state (this action will not affect custom created templates).

Options

Preview Report – Clicking this button will generate the dashboard and show a preview.

Report

 Type – Type of report, based on the predefined templates. It can be modified for predefined templates that have been used for the creation of custom templates.

Filter

 Target clients – You can specify if you want the report to collect All data or data from Only Selected Clients/Servers/Groups, or you can Exclude Selected Clients/Servers/Groups. The clients/servers/groups can be specified after clicking the ... button next to the Target clients drop-down menu in the Add/Remove dialog window.

 Threat – You can also specify if you want the report to show All threats, Only Selected Threats or Exclude Selected Threats. Threats can be specified by clicking ... next to this drop-down menu in the Add/Remove dialog window.

Other details can be configured by clicking Additional Settings… . These settings apply mostly to data in the heading and in the types of graphical diagrams used. However, you can also filter data according to the status of selected attributes. Additionally, you can select which report format will be used (.html, .csv).

Interval

Time - Last X Minutes/Hours/Days/Weeks/Months/Years from which you want the data to be in the report. The time is based on the time the incident was reported to ERA.

Refresh

 Browser Refresh Interval – Select the time interval for the refresh of new data received from the web server.

 Server Refresh Interval – Select the time interval during which the data will be sent to the web server.