Security dashboards

Use dashboards to communicate insights and analysis about your network. Take the pulse of your SOC with dynamic real-time dashboards that provide meaningful insights into your security posture and threat landscape.

Dashboards include the following key capabilities:
  • Create unique dashboards to track and communicate insights and analysis about your network.
  • Fine-tune your display with complete flexibility in dashboard layout and dashboard item refresh rates.
  • Expand dashboard items to display in a multi-screen SOC.
  • Stay informed with single click drill-down to underlying data.
  • The predefined Threat Intelligence Insights dashboard provides a summary of data integrated from different data sources that are connected to the platform.

Homepage dashboard

The homepage dashboard efficiently summarizes information from KQL data sources and installed apps. Depending on your user permissions and which apps are installed, you see the following charts:
  • Recent Data Sources. You can drill down on this chart to the Recent Data Sources page.
  • Percentage of Parsed Events. You can drill down on this chart to the Percentage of Parsed Events page.
  • Total Events Ingested.
  • Total Gigabytes Ingested.
  • Most Severe Events over Time.
  • Most Severe Events over time by Source IP.
  • Open Cases by Severity. You can drill down on this chart to the Cases page.
  • Cases Over Time by Type.

The homepage dashboard is read-only. To create your own custom dashboards and interact with other preconfigured dashboards, click View dashboards or go to Menu > Dashboards.


Dashboards contain widgets that monitor and display security events and issues that are important to your organization. Create your own dashboards specific to your organizational and network needs. Enhance dashboards by adding widgets from the predefined Threat Intelligence Insights dashboard, or copy and modify widgets to use different chart types.

Every user can view the Cases and Cases - Team Analytics dashboards by default. Users need specific permissions to access all other dashboards.


Widgets contain a data source query and a minimum of one chart. You can add more charts as different views, such as a pie or bar chart.