Sys Maintenance: Create Historical Graph of Events Collected for an Event Source

Document created by RSA Information Design and Development on Sep 14, 2017Last modified by RSA Information Design and Development on Feb 7, 2020
Version 25Show Document
  • View in full screen mode

The historical graph of the events collected from an event source gives you information about the variation of the collection over a selected time frame.

To view a historical graph:

  1. Go to ADMIN > Health & Wellness.
    The Health & Wellness view is displayed with the Alarms tab open.
  2. Click Event Source Monitoring.
    The Event Source Monitoring view is displayed.
  3. In the Historical Graph column, select Historical Graph icon.
    The Historical graph for the selected event source is displayed.
    The figure below gives an example of the historical graph for the event source type winevent_snare.
    Historical Graph for winevent_snare
    The graphical view is customized to display the events collected for the current day and the values are zoomed in for an interval of an hour (09.05 - 105.05 hrs). Hover over the graph to view the details at a particular instant. For example, in the figure it displays the average rate of collection at 09.30 hrs.

Note: You can customize the graph view by selecting the Time Frame and Date range. You can zoom in using the zoom in value, time window, or by just a click and a drag in the plot area. For details on the parameters to customize and zoom in functions see Health and Wellness Historical Graphs collected from an event source.
If there is no data displayed on the chart, this may be due to one of the following reasons:
-  The event source is down.
-  The event source is not processing anything right now.

Previous Topic:Filter Event Sources
Next Topic:Monitor Alarms
You are here
Table of Contents > Health and Wellness > Monitor Health and Wellness using NetWitness Platform UI > Monitor Event Sources > Create Historical Graph of Events Collected for an Event Source