The Reports RE Top Alerts dashlet is a configurable dashlet that depicts top alerts in four chart types. You can configure the results to include in the chart (from the top 2 alerts to the top 15 alerts in the specified time range).
The chart is summarized for each top alert against the number of events triggered by the alert for the defined time and refresh intervals. The first data point in the chart defines the number of events (alert count) triggered by the alert for the defined time. The subsequent data points are depicted by adding the alert count in the first data point and alert count in the defined refresh intervals.
For example, if for the defined time range, the number of events (alert count) triggered by the alert is 10, then the first data point in the chart is shown as 10. The subsequent data point = 10 + number of events (alert count) triggered by the alert in the defined dashlet refresh interval.
To display this dashlet in the Security Analytics dashboard or as part of a custom dashboard, click > Add Dashlet in the dashboard toolbar and select Reports RE Top Alerts from the Type drop-down menu.
The following figure is an example:
This dashlet is a visual representation of the alerts most frequently triggered by the associated Reporting Engine. Each chart type can be defined by the number of top alerts, the time from when the alerts needs to be fetched, and the dashlet refresh interval for the chart to be refreshed.