General Overview
This section provides general SIEM information, with the option to filter by date range for specific periods.
Displayed data includes:
| Indicator | Color | Description |
|---|---|---|
| Last 24h | Purple | Number of alerts in the last 24 hours, comparison with yesterday, and alert rate per hour |
| Last Week | Secondary | Total alerts in the last 7 days |
| Resp. Time | Yellow | Average alert response time in hours |
| Resolution | Green | Percentage rate of resolved alerts |
| Total Domains | Purple | Total number of monitored domains |
| Active Domains | Green | Domains currently online with availability percentage |
| Critical Issues | Red | Number and percentage of unresolved critical alerts |
| MTTA | Yellow | Mean Time To Acknowledge: average time needed to acknowledge an alert |
Charts
Section titled “Charts”Alert Trend gives a quick view of the alert severity that is triggering most often.
- Hourly Trend: shows when alerts are arriving at the SIEM.
- Severity Distribution: shows the percentage distribution of alert severities.
- Most Frequent Types: shows the top 5 alert types in the SIEM.
- Most Active IPs: shows the IP addresses attacking the configured SIEM domains most often.
