Interact with the Dashboard

The time period that you specify in the dashboard defines the data that you see. By default, the dashboard shows events from the last 24 hours. However, you can show events from the last 24 hours, 7 days, 30 days, the current month, or from a date or date range that you specify in a calendar. You can also filter events by a specific time of day by entering start and end times in a 24-hour clock format. After you set a time period, the events that occurred during that time are summarized in all dashboard graphs.

The dashboard includes the following graphs:

  • Summary Graphs: : A graph that provides a snapshot and total number of threat events, AUP events, DNS activity, HTTP and HTTPS activity, and alerts based on the selected or provided time period. This view allows you to quickly determine whether significant events are occurring.
  • Event Doughnut Charts: Charts that provide more details about events. In the Threat Events and AUP Events dashboard sections, three doughnut charts appear with data based on criteria you select. By default, the threat event charts show data based on category, threat name, and threat severity.
  • Timeline Graphs: Line or bar graphs that represent event data based on the selected time period. By default, the timeline information appears in a line graph, but you can select to show this information in a bar chart instead.

You can further interact with these graphs to view more detailed information about DNS activity and events.

  • Clicking a graph or a total number in a summary graph at the top of the dashboard directs you to the applicable ETP page that shows more event or activity information. For example, clicking the graph or the number of total DNS or HTTP(s) threat events directs you to the Threat Events tab of the Event Analysis page where you can see more data. Similarly, if you click the total number of alerts on a summary graph, you are directed to the Event Analysis page where a filter is applied to the data on this page to show events that were enabled for alerts as a result of a policy configuration.
  • Hovering over a part of the doughnut chart or a timeline graph shows the values that are represented at that position in the graph. For example, hovering over an area in a doughnut chart shows the total number of events as it applies to the criteria represented in the doughnut chart, while the timeline graph shows events totals based on the date you hover over.
  • Clicking a part of the doughnut chart or an item in the chart legend directs you to the applicable page where data is filtered based on the type of data that you selected to view. For example, if you view DNS threat events based on the category and you select malware as the threat category in the chart or legend, you are directed to the Event Analysis page where event data is filtered to show information on malware DNS threat events.

The Dashboard also includes an icon where you can produce a PDF of the page. The PDF shows an image of the Dashboard page from the point in time when you selected to produce the PDF. For example, the applied filters and the data shown on the page are captured in the PDF.

Note: If you are trying Enterprise Threat Protector with the new Enterprise Center interface, a new dashboard is available where you can create widgets to show the data you need to track. To learn more about the new dashboard, see New Dashboard.