Configuring the All Cloud Offenses dashboard
You can consolidate the cloud offenses in your environment into an overview dashboard so that analysts can visualize potential cloud-related offenses in one place. Add key cloud-based log sources and log source types that are suggested during configuration, and any other relevant ones.
Before you begin
You must have QRadar® administrator privileges to configure the app.
About this task
Procedure
- From the Admin tab, click .
- Required: Configure the General tab. You must create an authentication token before the All Cloud Offenses tab appears. For more information, see Configuring cloud service providers to communicate with QRadar Cloud Visibility.
- Click the All Cloud Offenses tab and select the Enable
All Cloud Offenses dashboard checkbox. The table displays the cloud-based log source types and log sources that are suggested for your environment. These are automatically added to the configuration and contribute to the All Cloud Offenses Overview dashboard.
- Add any other log source types and log sources that you need the app to monitor so that the offenses from the events that are picked up by the log sources appear in the All Cloud Offenses Overview dashboard.
- Optional: To remove items from the All Cloud Offenses dashboard, select the relevant checkbox and click Remove. If the list is long, use the Search field to find the items you want to remove.
- Click Set to save your changes.