See a dynamic overview of the current status of your tenant and your security operations processes on the XSIAM Command Center.
The XSIAM Command Center dashboard provides a dynamic overview of your security operations processes, and supports drilldowns to additional dashboards and dedicated pages. The dashboard gives a visualization of the current status of your tenant and its activity during the selected time frame. Click on any element to drill down to dashboards or pages displaying data that is filtered by your selection. Unless you have specified an alternative dashboard, this is the default dashboard in Cortex XSIAM.
The XSIAM Command Center includes incoming data, incidents and alerts, and key performance indicators. The following table describes each of these sections:
Section | Details |
---|---|
Incoming data |
Click on any of these items to explore your Data Inventory. Breakdowns of data ingestion by data source including ingestion rates, trends, and prevented events are displayed. |
Incidents and alerts |
Click on any of the incident metrics to open the Incident Overview showing a breakdown of your incidents. You can also click on the concentric circle to see a live feed of XSIAM activity on the Dynamic View. |
Key performance indicators |
Click on the key performance indicators to drilldown to dedicated pages for further investigation. The trend percentages for the key performance indicators are calculated by comparing the totals from the current time frame with the totals of the previous time frame. An arrow indicates whether the rates are rising or falling in comparison to the previous time frame's total. |
From the XSIAM Command Center, you can drill down to the following dashboards: