Versions Compared

Old Version 34

changes.mady.by.user Former user

Saved on

compared with

New Version 35

changes.mady.by.user Borja Moro Moreno

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2
maxLevel2
typeflat
Image Added

Purpose

This Activeboard allows you to monitor Devo Web Activity of all users in your Devo domain. It gives you a high-level audit about:

  • Users: login, location, activity, change of role, etc.

  • Alerts: changes in the alerts.

  • Others: Relay, Lookups, Aggregation tasks, Synthesis Tables, and Reinjection activity

Pre-requisites

To use the Devo Web Activity Monitoring Activeboard, you must have the following data sources available on your domain:

  • siem.logtrust.web. activity

  • siem.logtrust.web.navigation

Open Devo Web Activity Monitoring

Once you have installed the application, you can access the Activeboard in the following ways:

Go to Exchange in the navigation pane and look for the Activeboard you want to open. Click Open.

Image Removed

Go to Activeboards in the navigation paneand use the filter to open the Activeboard you downloaded.Image Removed

Info

Know more about Activeboards

Refer to Manage and filter Activeboards article to know how to work with Activeboards.

Exploring the Activeboard

When opening the Devo Web Activity Monitoring Activeboard, the following info displays:

Image Removed
Note

Load data takes too long

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to Aggregation tasks article to learn how to do it.

The Activeboard is divided into 9 sections:

Global filters

Filter by Company

User audit

Alerts audit

Expand
titleClick here to see the details of each section
Anchor
Global-filtersGlobal-filters

Widget

Details

Image Removed

Filter by User

Image Removed

Anchor
User-auditUser-audit

Widget

Details

Image Removed

Logins

Image Removed

User Location

Image Removed

Logins by Location

Image Removed

Logins by Credentials

Image Removed

Activities

Image Removed

User Activity

Image Removed

Expand
titleIncluded widgets

Global filters

Filter by User: Select input

Filter by Company: Select input

User audit

Logins: Column chart widget

Activities: Voronoi widget

Global changes in IDP Role Mapping: Table widget

User Location: Heatmap widget

User Activity: Voronoi widget

Filter for users actions: Select input

Logins by Location: Table widget

Filter for changes on roles/IDP mapping

Image Removed

: Select input

Users Actions: Table widget

Logins by Credentials: Table widget

Global changes in roles

Image Removed

Global changes in IDP Role Mapping

Image Removed

Filter for users actions

Image Removed

Users Actions

Anchor
Alerts-auditAlerts-audit

Widget

Details

Image Removed

: Table widget

Alerts audit

Filter action for alerts audit widgets: Select input

Image Removed

Changes in Alerts

Timeline by UserImage Removed

: Table widget

Changes in Alerts

Image Removed

by UserEmail: Line chart widget

Changes in Alerts Timeline by

UserEmail

Relay Audit

AnchorRelay-AuditRelay-Auditanchor

Widget

Details

Image Removed

User: Column chart widget

Relay audit

Changes in Relay Timeline by User: Column chart widget

Image Removed

Global changes in the relays

Image Removed

: Table widget

Rule changes in the relays

Lookup audit

: Table widget

Lookup

-

Widget

Details

Image Removed

audit

Lookup-audit

Filter action for lookup audit

Image Removed

: Select input

Lookups Actions: Table widget

Lookups Changed Summary: Pie chart widget

Changes in Lookup Timeline by User

Image Removed

Lookups Actions

Image Removed

Lookups Changed Summary

Aggregation task audit

AnchorAggregation-task-auditAggregation-task-audit

Widget

Details

Image Removed

: Column chart widget

Aggregation task audit

Filter action for aggregation task audit: Select input

Image Removed

Aggregation Task: Column chart widget

Image Removed

Aggegation Task Actions: Table widget

Synthesis

Audit AnchorSynthesis-AuditSynthesis-Audit

Widget

Details

Image Removed

audit

Filter action for synthesis table audit

Image Removed

Changes in Synthesis Tables Timeline by User

Image Removed

: Select input

Synthesis tables user action: Table widget

Image Removed

Synthesis tables action

Finders audit

AnchorFinders-auditFinders-audit

Widget

Details

Image Removed

: Voronoi widget

Changes in Synthesis Tables Timeline by User: Column chart widget

Finders audit

Filter action for finders audit

Image Removed

: Select input

Finders user action: Table widget

Finders actions: Voronoi widget

Finder actions timeline

Image Removed

Finders user action

Image Removed

Finders actions

Reinjections audit

AnchorReinjections-auditReinjections-audit

Widgets

Details

Image Removed

Filter action for reinjections audit

Image Removed

Reinjections actions timeline

Image Removed

Reinjections user action

Image Removed

Reinjections action

: Column chart widget

Reinjection audit

Filter action for reinjections audit: Select input

Reinjections user action: able widget

Reinjections action: Voronoi widget

Reinjections actions timeline: Column chart widget

Prerequisites

To use thisActiveboard, you must have the following data sources available on your domain:

  • siem.logtrust.web.activity

  • siem.logtrust.web.navigation

Open Activeboard

Once you have installed the Activeboard, you can use the Open button at the top right of the card in Exchange to access it and see the different widgets populated with the relevant data. You can also access the Activeboard area via the Navigation pane.

Image Added
Image Added
Info

Data loading takes too long?

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to the Aggregation tasks article to learn how to do it.

Use Activeboard

After installing and opening the Activeboard, you can use its widgets to visualize and monitor data. To do this, each widget offers a variety of customization and visualization options. Refer to Using widgets and Using inputs to know them all.