In This Article
With the New Alert Logic Console Universal Navigation update, all Alert Logic® customers now experience an updated Alert Logic console design and navigation. This update combines the consoles of Alert Logic Cloud Defender™ and Alert Logic Cloud Insight™ into one universal and integrated console.
The new page structure features an emphasis on actions customers need to take, rather than the product they need to complete actions with. While the navigation to pages has changed, most pages still have the same or very similar content within them.
Read on to familiarize yourself with the newly updated Alert Logic console.
The Alert Logic console is aware of and responsive to the products that you are subscribed to. For example, if you are subscribed to all products, you will see all available pages within the console. If you are subscribed to Cloud Insight only, you will only see pages related to Cloud Insight and will not see any pages related to other subscriptions.
The Alert Logic console now has outcome-oriented main menu tabs, all of which are described below:
The Overview main menu tab is visible to customers of all subscription levels.
For Cloud Defender customers, this tab houses all individual solution dashboards, including: Remediations & Continuous Scans, Network IDS, Log Management, Web App IDS, and Scans. A Topology view of Amazon Web Services (AWS) assets is also housed under the Overview tab.
Cloud Insight-only customers will see two dashboards - Incidents and Remediations & Continuous Scans. They also have access to the Topology page.
Alert Logic Threat Manager™-only customers will see two dashboards - Network IDS and Scans.
Alert Logic Web Security Manager Premier™ customers will see an additional dashboard - WAF.
The Incidents main menu tab is visible to customers of all subscription levels.
Cloud Defender customers have access to the List page, which is a view of incidents sourced from network IDS, logs, and web app IDS. They also have access to the GuardDuty page, which is a view of incidents sourced from Amazon GuardDuty findings - a capability that is unique to AWS environments.
Cloud Insight-only customers will see Summary and GuardDuty pages. The Summary page summarizes the open incidents, which you can further inspect in the GuardDuty page.
Threat Manager-only customers will only see the List page, as GuardDuty integration is not a capability that is part of the Threat Manager subscription.
The Remediations main menu tab is only visible to customers with Cloud Defender and Cloud Insight-only subscriptions. This tab contains all recommended remediation steps for configuration problems and vulnerabilities found within your AWS deployments.
The Search main menu tab is visible to all customers except those with Cloud Insight-only subscriptions.
Cloud Defender customers have the option to search on events, blocks, log messages, and cases.
Threat Manager-only customers can search only on events and blocks.
Alert Logic Log Manager™ customers can search on logs and Log Review cases.
Web Security Manager Premier customers can additionally search on WAF deny logs.
The Reports main menu tab is visible to customers of all subscription levels.
This page provides access to data found within customer deployments. There are hundreds of different report types to choose from, including new interactive reports, which you can learn more about in the Interactive Reports knowledge base article.
Cloud Defender and Threat Manager-only customers can choose from Interactive, Scheduled, and Usage reports.
Cloud Insight-only customers only have access to Interactive reports.
Web Security Manager Premier customers will see an additional reporting option - WAF.
The Configuration main menu tab and the Deployments page are visible to customers of all subscription levels.
Cloud Defender customers have access to several other pages - Network IDS, Log Management, Web App IDS, and Notifications.
Cloud Insight-only customers only have access to the Deployments page.
Threat Manager-only customers only have access to the Network IDS and Notifications pages.
Web Security Manager Premier customers will see an additional configuration page - WAF.
From the vertical line of three gray dots OR the orange box containing your initials in the top right corner of the Alert Logic console, customers of all subscription levels can access additional Alert Logic resources.
The Support Information page is visible to customers of all subscription levels and houses customer details, including Customer ID, Unique User ID, and Unique Registration Key. This page also houses links to the Alert Logic Support Center and its various resources. For quick access to the Support Center, click the Support Center sub-menu tab. Installation guides and downloadable items are also accessible from this page.
The Integrations page is visible to customers of all subscription levels and houses web services integration information and API documentation.
The Users page is visible to customers of all subscription levels and houses a list of all the company's users. Here, customers can change user roles and opt in to multi-factor authentication. Learn more about these features with the following knowledge base articles:
- Role-Based Access Controls in Alert Logic Console
- Multi-Factor Authentication for Alert Logic Console Log-In
Customers with Cloud Defender subscriptions also have access to the Security Content Center page, which shows you the IDS content that Alert Logic has available.
Some features have been moved from their original locations in the Alert Logic console with the universal navigation update. Utilize the list below to easily find these key features:
- Dashboards and statistics for all products: Overview
- Scanning configuration and management: Overview
- Events, blocking, log messages, Log Review cases, and deny logs: Search
- Hosts, sources, networks, appliances, and remote collectors: Configuration > Deployments
- Threat Manager policies, certificates, alert rules, and blocking configuration: Configuration > Network IDS
- Log Manager policies, credentials, schedules, and alert rules: Configuration > Log Management
- Web Security Manager and WAF configuration: Configuration
For a more detailed and ongoing list of feature locations in the updated Alert Logic console, use the Find What You Need in the Alert Logic Console knowledge base article.
Some features and functionalities that were available in the past Alert Logic consoles have been deprecated with this update. These include:
- The use of zones for Threat Manager appliances
- The ability to add scans, incidents, and reports to a case for all products except Log Review
A course on this topic is also available in our eLearning portal. To access this course, complete the following steps:
- Go to the LEARN portal. If you do no have an account, click Register Here and fill in the required information.
- In the search field, enter Alert Logic Security Console. Select New Alert Logic Security Console Highlight Video from the results.
- Click Request.
- On the Transcript page, click Launch.