Understanding the Foundation Dashboards and Reports

Available only with ArcSight capabilities.

In the Reports Portal, select Repository > Standard Content > Foundation.

Reporting includes dashboards and reports, organized by the following foundational categories:

Category	Dashboards	Reports
Entity Monitoring	Account Management Login Activity Overview	All Logins by Hostname Failed Logins Summary Login Activity by User
Events Overview	Least Common Events Most Common Events Most Common Events by Severity Reporting Devices	n/a
Host Monitoring	Host Profile Overview	Anti-Virus Activity Anti-Virus Stopped or Paused Audit Log Cleared Failed Anti-Virus Updates Summary Operating Systems Errors and Warnings Services Shutdown Services Started
Malware Monitoring	Attacks and Suspicious Activity Overview Malware Overview Web Application Attacks	Reported Malware by Host Worm Infected Systems
Network Monitoring	DGA Overview DoS Activity Email Attacks IDS Events Overview Man in the Middle Attacks Reconnaissance Activity SSH Attacks Traffic Anomaly Overview VPN Activities Overview	Exploit Attempts Detected by IDS Network Device Configuration Changes
Perimeter Monitoring	Firewall Blocked Events Firewall Traffic Overview	Firewall Configuration Changes Firewall Blocked Traffic by Destination Address
Vulnerability Monitoring	Vulnerability Overview	High Risk Vulnerabilities by Host SSL Vulnerabilities Vulnerability Overview Vulnerabilities by Host XSRF Vulnerabilities XSS Vulnerabilities