Document toolboxDocument toolbox

Activeboard: SentinelOne Threat Explorer

Owned by Former user (Deleted)
Last updated: May 25, 2023 by Borja Moro Moreno
2 min read
[ 1 Purpose ] [ 2 Prerequisites ] [ 3 Open Activeboard ] [ 4 Use Activeboard ]

Purpose

This Activeboard allows you to navigate through the reported threats using different classification criteria such as type or priority. It also allows you to extract valuable conclusions on the proliferation through the built-in filtering options of threats in your monitored systems by isolating parameters such as repetition frequency per threat type, levels of affectation per platform, etc.

Filter by Confidence Level

Filter by Site

Total Detections

Filter by Hostname

Filter by Operating System

Events

Filter by Classification

Filter by Incident Status

Recent Events

Included in Content Pack

This Activeboard is part of SentinelOne Content Pack that contains five different SentinelOne Activeboards.

Prerequisites

To use this Activeboard, you must have the following data sources available in your domain:

Open Activeboard

Once you have installed the Activeboard, you can use the Open button at the top right of the card in Exchange to access it and see the different widgets populated with the relevant data. You can also access the Activeboard area via the Navigation pane.

Data loading takes too long?

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to the Aggregation tasks article to learn how to do it.

Use Activeboard

After installing and opening the Activeboard, you can use its widgets to visualize and monitor data. To do this, each widget offers a variety of customization and visualization options. Refer to Using widgets and Using inputs to know them all.