Note: For NetWitness Platform 11.4.1, this view has been deprecated. To manage Event Sources, use the (Admin) > Event Sources view. For details, see "About Event Source Management" in the RSA NetWitness Platform Event Source Management Guide.
The Historical Graph view for events collected from an event source provides a visualization of historical data. To access this view:
The Health & Wellness view is displayed with the Monitoring tab open.
Click Event Source Monitoring.
The Event Source Monitoring view is displayed.
The Historical graph for the selected event source type is displayed in a popup window.
The figure displays the events collected from the event source type winevent_snare.
You can customize the graph as required. The table lists the various parameters used to customize the historical graph.
|Time Frame||Select the time frame for which you want to view the historical data. The available options are: Current Day, Current, Week, Current Month.|
|From <date> To <date>||Select the date range for which you want to view the historical data.|
You can zoom in for a detailed view of the data in the Historical graph.
Zoom In Function 1 and 2
You can select one of the values to view the historical data for the selected value. The figure below displays an example for the 6h frame selected for zoom in. The slider bar at the right bottom corner is also changed to a 6h window.
Alternatively, you can slide the bar in the right hand corner to zoom in to a required frame.
Zoom In Function 3
You can click and drag in the plot area to zoom in for a required frame of time.