The Reports RE Top Alerts dashlet is a configurable dashlet that depicts top alerts in four chart types. You can configure the results to include in the chart (from the top 2 alerts to the top 15 alerts in the specified time range).
The chart is summarized for each top alert against the number of events triggered by the alert for the defined time and refresh intervals. The first data point in the chart defines the number of events (alert count) triggered by the alert for the defined time. The subsequent data points are depicted by adding the alert count in the first data point and alert count in the defined refresh intervals.
For example, if for the defined time range, the number of events (alert count) triggered by the alert is 10, then the first data point in the chart is shown as 10. The subsequent data point = 10 + number of events (alert count) triggered by the alert in the defined dashlet refresh interval.
To display this dashlet in the Security Analytics dashboard or as part of a custom dashboard, click > Add Dashlet in the dashboard toolbar and select Reports RE Top Alerts from the Type drop-down menu.
The following figure is an example:
This dashlet is a visual representation of the alerts most frequently triggered by the associated Reporting Engine. Each chart type can be defined by the number of top alerts, the time from when the alerts needs to be fetched, and the dashlet refresh interval for the chart to be refreshed.
|Chart Type||Select the type of chart that you want in the dashlet: |
|Title||Type a name for the Reporting Realtime Chart dashlet. The name appears in the title bar of the dashlet.|
|Top||Select the number of top alerts to be considered while configuring the dashlet. The value ranges from 2 - 15.|
|Past Hours||Select the time from when the alerts need to be fetched.|
|Dashlet Refresh Interval (Minutes)||Set the time interval in minutes at which the data in the dashlet gets refreshed. The interval value ranges from 1-180 minutes.|