...
- Username identifier (1): Displays the username of the active user.
- Main menu (2): There are three main sections in the UA Manager application: Hosts, which corresponds to the home or landing page in the Manager, Queries, that permits the access and execution of on-demand queries, and Packs, which is the specific section in which a number of queries can be bundled together as a single entity.
Hosts lists (3): The central block of the Hosts section in the UA Manager application lists all discovered endpoints where the UA Agent has been deployed and identified by their Hostname. This list of endpoints provides the following blocks of information:
a.:Status
b.Endpoints present an online status when their agent is currently connected to the UA Manager. When endpoints are signaled as online, the configuration in the UAM is being applied and the results yielded by the execution of the packs is being propagated to the UA Manager for ingestion into Devo. On the other hand, endpoints whose status is offline are not currently available, and MIA ("missing in action") correspond to these endpoints that have not established a connection to the Manager for a certain period of time.
:Uptime
c.Duration of the endpoint’s last connection to the Manager. Note this duration corresponds to the current duration of the connection for those with an active status.
:Hosts/endpoints information
The rest of the columns in the list provide some additional information about the endpoint: OS type and version, baseline Osquery agent version, IP address, MAC address, and other hardware details (CPU, memory).
The last column in the hosts' list represent two types of clickable icons, each of them providing access to a specific functionality:
...