Interactive reports have been added to the Alert Logic® console with the New Alert Logic Console Universal Navigation software update. These reports provide convenient access to analysis, statistics, and trending data related to the configuration, status, and outcomes from your subscribed products and services. Each report provides interactive filtering options, visual representations of the data, informative tool tips, and download and export options.
Two report groups were added during the software update - Incident Analysis Reports and Service Review Reports. In the Reports main menu tab of the Alert Logic console, these report groups can be found in the Interactive page and are visible to customers of all subscription levels.
Reports in the Scheduled and Usage pages are those that have been carried over from the previous Alert Logic Cloud Defender™ console and are visible to customers with Cloud Defender, Alert Logic Threat Manager™-only, and Alert Logic Log Manager™-only subscriptions. A fourth page, WAF, is only visible to customers with Alert Logic Web Security Manager Premier™ subscriptions.
Incident Analysis Reports
Reports within the Incident Analysis report group provide valuable insights and trending data for incidents created from all subscribed detection sources. There are several types of incident analysis reports, all of which focus on different metrics around your detected incidents. These reports are designed to support the needs of business executives, as well as security or compliance managers and analysts. The available reports include:
- Incident Daily Digest - Threat status of your infrastructure from incidents detected on the previous day for the selected detection types
- Incident Daily Digest Trends - Histogram chart that allows you to focus on how your threat landscape of detected incidents has evolved within the specified date range
- Incident Distribution Explorer - Incident counts by threat level, classification, and incident type for the selected detection types to help you identify patterns or trends within the specified date range
- Incident Attacker Explorer - Top 10 hosts and geolocation charts to highlight which sources most frequently attacked your infrastructure and from where within the specified date range
- Incident Target Explorer - Top 10 hosts and ports charts to highlight which hosts within your infrastructure were more frequently targeted by attackers within the specified date range
Service Review Reports
Reports within the Service Review report group provide summary information and visibility into product configuration, product status, and security outcomes from your subscribed services. These reports have historically been provided to some customers monthly via email and are now available to all customers as interactive reports within the Alert Logic console. The available reports include:
- Customer Contacts - Tabular lists of names, titles, email addresses, and phone numbers of contacts for critical incidents and escalations and notification of specific alerts
- Monthly Service Review - A high-level overview of your subscribed services for the selected month, including: customer contacts, collection statuses, incident detection and comparisons, and statistics for Support and Log Review cases
Learn more about the new interactive Monthly Service Review report with the Interactive Monthly Service Review Report knowledge base article.
Learn about the existing Service Review Report with the Service Review Report knowledge base article.
A course on this topic is available in our eLearning portal. To access this course, complete the following steps:
New Alert Logic Console Training Video
- Go to the LEARN portal. If you do no have an account, click Register Here and fill in the required information.
- In the search field, enter Alert Logic Security Console. Select New Alert Logic Security Console Highlight Video from the results.
- Click Request.
- On the Transcript page, click Launch.