customized dashboards of SIEM

How to Customize a Dashboard on Logsign SIEM?

Dashboards are an integral part of a SIEM solution as they help you in visualizing the security of your organization’s technical infrastructure in real-time. In our last article, we discussed in detail about the pre-configured dashboards on Logsign SIEM and the information they present for your security team. In this article, we explore how you can customize a dashboard, add widgets, manage dashboard categories, arrange dashboards and categories, and much more.

Dashboards & Categories

On the Dashboards menu, you will see a total of 11 categories, apart from Welcome Dashboard and Custom Dashboards. These categories have more than 40 pre-configured dashboards. Read more about these categories and the types of dashboards on Logsign SIEM.

dashboards and categories
Figure 1: Dashboards and Categories

Click on the Edit Menu button to arrange the dashboard menu. You can change the order of categories by clicking the category name, drag, and then drop it at your preferred location. Similarly, you can re-arrange the dashboards within a category by drag and drop.

dashboard menu
Figure 2: Editing the dashboard menu

To edit or delete a category and its constituent dashboards, click on the corresponding Edit and Delete icons.

dashboard edit and delete icons
Figure 3: Edit and delete icons for a category of dashboards

Adding a new dashboard

You can add a new dashboard to the existing categories or create a separate category for your customized dashboards.

For creating a new category, click on the Add Category button in the Dashboard menu. Enter the name for your category and click on the Save button.

creating a new dashboard
Figure 4: Creating a new Dashboard category

Now, click on the New Dashboard button. Enter the name for your dashboard, select the desired category, add tags if needed, and click on the Save button.

creating a new dashboard
Figure 5: Creating a new dashboard

Your dashboard will now load on your screen. Right now, this will be blank – you need to populate it with various widgets.

New dashboard
Figure 6: New dashboard

Click on the Add Widget to create your first widget for your dashboard. The Widget Wizard will open up, and it shows the following options:

  1. Histogram with Bar Chart
  2. Histogram with Spark Line
  3. Stacked Histogram Chart
  4. Grouped Data with Pie Chart
  5. Number Ticker
  6. Number Ticker – Histogram
  7. Bubble Chart
  8. Grouped Data with Label
  9. Grouped Data with Colour
  10. Map Chart
  11. Bar Chart
  12. Line Chart
  13. Column Chart
  14. Area Chart
  15. Pie Chart
  16. Grouped Data
  17. System Stats
  18. EPS Stats
  19. Text Widget
  20. Bandwidth Widget
  21. Scatter Chart
  22. Table Widget
  23. Tree Map
  24. Nested Group
selecting a widget for dashboard
Figure 7: Selecting a widget

For this demo, we have selected a Stacked Histogram Chart. Click on the Next button to continue.

Now, you need to define the data source for your widget. Let’s say that we need to see events from a particular vendor such as Trend Micro. We name the widget as Trend Micro Demo and select Reports from the information source dropdown. We select Time.Generated from the Time Column and EventSource.Product from the Grouped Column. The query entered is EventSource.Vendor:”TrendMicro” and index time selected is 24 hours.

content settings on widget wizard at dashboard
Figure 8: Content Settings on Widget Wizard

The next section on Widget Wizard asks you to select the Widget type. Select an option from the dropdown and click on the Save button.

dashboard settings and widget wizard
Figure 9: View Settings on Widget Wizard

Your widget should now appear on your dashboard. You can drag and drop to change its location and resize it as per your arrangement of widgets on the dashboard. Accordingly, you can add more widgets on your dashboard to populate it with visualizations.

widget added on dashboard
Figure 10: Widget added successfully on the dashboard

Modifying an existing widget

At times, you may need to modify the settings of an existing widget for reasons such as changing the duration of data, selecting a different type of chart to visualize data, etc. First, go to the widget that you wish to modify. In its top-right corner, it displays index time, i.e., total duration for which it is visualizing the data, along with Settings and Delete icon. The Widget Wizard opens when you click on the Settings icon. To remove a widget, click on the Delete icon and confirm your choice.

customizing a dashboard on Logsign SIEM
Figure 11: Modifying an existing widget

Have you been able to set up customized dashboard and widgets for your organization? Feel free to get in touch with our Support team if you have any questions or queries. 

Leave a Reply

Your email address will not be published. Required fields are marked *