Note: The following information applies only to those customers with Alert Logic® Essentials, Professional, or Enterprise entitlements. Customers with Alert Logic Cloud Defender, Threat Manager, Log Manager, or Web Security Manager entitlements who would like to leverage these capabilities can contact their account executive or Customer Success Manager.
The Alert Logic console has undergone several changes with a release on February 14, 2020 that includes the addition of several data dashboards, a new navigation menu, and the replacement of the Remediations page with an improved Exposures page. You can opt into this console experience by clicking Try New Dashboards when a pop-up appears at the bottom of your screen upon console log-in.
Driven by customer feedback, these improvements, changes, and reorganizations serve to create more logical page groupings and easier access to the most valuable information and data, delivered by Alert Logic security expertise. The following information describes the changes to the Alert Logic console and provides additional resources for acclimating to these changes.
The home page of the Alert Logic console, originally organized by product-specific tabs and including several individual summary pages, has now been replaced with four distinct, interactive dashboards visualizing data on threats, vulnerabilities, coverage and health, and endpoint protection, respectively. You can select one of the four dashboards via the drop-down menu in the top left corner.
These dashboards will only show you information for the account that you are currently logged in to. They do not provide data for accounts that you manage, or for accounts that manage you. In order to see a managed account's data via the dashboards, switch to that account.
The Dashboards page has three color mode options - light mode, dark mode, and blue mode. Select the color icon to change the color mode of the dashboards, as well as to enter and exit full screen. Note: Color modes are currently only applicable to the dashboards and will not carry over to any other console pages.
Each dashboard provides top-level information and graphics on some of the most important data pulled from your environment in the last thirty days. Many graphics include the ability to investigate, configure, or export data right from the dashboard, as well as manipulate the data each graphic is showing. Data refreshes automatically every five minutes while you are on the page and will always refresh each time you go to a new page.
Graphics with legends can be manipulated by clicking on one or more of the legend options to remove them from the graph. In the first image below, High, Medium, Low, and Info legend options are all clickable, allowing you to remove or add any of these options to the bar graph. In the second image below, the Medium option has been removed from the graph by clicking on it, and it can be added back by clicking on it again.
For more information on the new console dashboards, see the Dashboards documentation.
Each new dashboard has been derived from existing information in the console's previous iteration of dashboards, but now includes far more information, the ability to drop down into specific data, and high-quality visuals for easy understanding and use. The following sections describe each dashboard and its characteristics.
The Threat Summary dashboard provides graphical information on incidents. This replaces the previous Incidents dashboard and includes some information previously in the Security Posture dashboard and Incidents Summary page.
The Vulnerability Summary dashboard provides graphical information on scanning and configuration assessments. This replaces the previous Remediations dashboard and includes some information previously in the Security Posture dashboard.
Coverage and Health
The Coverage and Health dashboard provides graphical information on general account health, which includes your network, appliances, agents, other assets, and entitlement usage. This replaces the previous Health Summary page.
The Endpoint Protection dashboard provides graphical information on endpoints. This replaces the previous Endpoint dashboard and includes far more information than previously available.
Alert Logic console navigation has been modified in order to highlight the important data included in the new dashboards. The menu, previously static at the top of the console, can now be found in a collapsible side panel. Access the console navigation menu by clicking the menu icon in the top left corner of the screen.
All previous Alert Logic console pages have now been consolidated into this side panel navigation menu. The only exceptions to this are:
- Remediations page, which has been replaced by the Exposures page
- Previous dashboard pages, which have been replaced by the new dashboards available in the Dashboards page
Each main menu item - Respond, Investigate, Validate, Configure, and Manage - is clickable and will display a list of its available child pages.
A high-level overview of the focus of each navigation menu item:
- Respond - View and manage security and configuration findings Alert Logic has identified in your environment
- Investigate - Perform open-ended investigative actions on data Alert Logic has collected to provide deeper security value
- Validate - Summarize and report on data Alert Logic has collected in your environment
- Configure - View and update security and compliance technologies in your Alert Logic environment
- Manage - Perform administrative tasks that affect your Alert Logic account
For more information on the Alert Logic console navigation changes, see the following articles and documentation:
- Find What You Need in the Alert Logic MDR Console knowledge base article
- Dashboards Navigation documentation
Exposures and remediations are used to help you manage security risks in your environment. These exposures and remediations can now be accessed and managed in the Alert Logic console on the Exposures page within the navigation menu > Respond. An exposure is a potential vulnerability detected in your environment, while a remediation is an action you can take to resolve an exposure or group of exposures. With this new page configuration, you can now begin with a potential vulnerability and drill into its solution.
In the new console experience, the Exposures page replaces the Remediations page that customers may have been familiar with. The data and functions previously located on the Remediations page are available on the Exposures page, other than the Planned state, which has been deprecated. Additionally, the Completed state has been renamed as Concluded on the Exposures page.
For more information on the Alert Logic Exposures feature, see the following article and documentation: