These dashboards are not available in a SaaS environment.
To help you get started, the Dashboard provides out-of-the-box dashboards with associated widgets. You will need to configure the widgets to ensure the dashboards display data appropriately for your environment.
Initially, the out-of-the-box dashboards are available to the administrative user created during the initial log in. This user can share these dashboards with SOC team members, who can then create their own clones. Alternatively, administrators can create one or more clones based on these dashboards, then share the clones, and set default dashboards for roles.
You must have the ESM Command Center capability deployed. This dashboard is not available in a SaaS environment.
The out-of-the-box dashboard, How is my SOC running?, gives you an overview of the status and trends related to ESM case management. It includes the following widgets:
You must have the Layered Analytics capability deployed. This dashboard is not available in a SaaS environment.
The out-of-the-box dashboard, Entity Priority, combines content from both ArcSight Intelligence and ESM to provide the status of users and entities at risk, including risk scores calculated by Intelligence. It includes the following widgets:
You must have the Intelligence capability deployed.
The out-of-the-box dashboard, Entity Risk provides at-a-glance actionable information on the current, overall risk of your organization. It includes the following widgets:
The dashboard provides the following information:
Risk statistics: number of events analyzed, number of anomalies and violations found, and the number of active risky entities.
The types of entities involved and their risk counts. When you click an entity type, the Entities page opens in the Intelligence UI, where additional information for the selected entity type is displayed.
The trending risk of the organization.
The dominant potential threat, if any.
The top 5 risky users. When you click a user, the Explore page opens in the Intelligence UI, with the selected user’s name applied to the anomalies and violations filter.
An option to download a PDF containing a detailed report of the risk of the organization. For more information about PDF report, see the PDF Reports section in the Intelligence User’s Guide.
NOTE:You cannot modify the Entity Risk dashboard. You can only clone it.
This dashboard is not available in a SaaS environment.
The out-of-the-box dashboard, Health and Performance Monitoring, provides information about the status of the database used by capabilities such as ArcSight Recon and Intelligence. It includes the following widgets: