Dashboards are an integral part of a SIEM solution as they help you in visualizing the security of your organization’s technical infrastructure in real-time. In our last article, we discussed in detail about the pre-configured dashboards on Logsign SIEM and the information they present for your security team. In this article, we explore how you can customize a dashboard, add widgets, manage dashboard categories, arrange dashboards and categories, and much more.
Dashboards & Categories
On the Dashboards menu, you will see a total of 11 categories, apart from Welcome Dashboard and Custom Dashboards. These categories have more than 40 pre-configured dashboards. Read more about these categories and the types of dashboards on Logsign SIEM.
Click on the Edit Menu button to arrange the dashboard menu. You can change the order of categories by clicking the category name, drag, and then drop it at your preferred location. Similarly, you can re-arrange the dashboards within a category by drag and drop.
To edit or delete a category and its constituent dashboards, click on the corresponding Edit and Delete icons.
Adding a new dashboard
You can add a new dashboard to the existing categories or create a separate category for your customized dashboards.
For creating a new category, click on the Add Category button in the Dashboard menu. Enter the name for your category and click on the Save button.
Now, click on the New Dashboard button. Enter the name for your dashboard, select the desired category, add tags if needed, and click on the Save button.
Your dashboard will now load on your screen. Right now, this will be blank – you need to populate it with various widgets.
Click on the Add Widget to create your first widget for your dashboard. The Widget Wizard will open up, and it shows the following options:
- Histogram with Bar Chart
- Histogram with Spark Line
- Stacked Histogram Chart
- Grouped Data with Pie Chart
- Number Ticker
- Number Ticker – Histogram
- Bubble Chart
- Grouped Data with Label
- Grouped Data with Colour
- Map Chart
- Bar Chart
- Line Chart
- Column Chart
- Area Chart
- Pie Chart
- Grouped Data
- System Stats
- EPS Stats
- Text Widget
- Bandwidth Widget
- Scatter Chart
- Table Widget
- Tree Map
- Nested Group
For this demo, we have selected a Stacked Histogram Chart. Click on the Next button to continue.
Now, you need to define the data source for your widget. Let’s say that we need to see events from a particular vendor such as Trend Micro. We name the widget as Trend Micro Demo and select Reports from the information source dropdown. We select Time.Generated from the Time Column and EventSource.Product from the Grouped Column. The query entered is EventSource.Vendor:”TrendMicro” and index time selected is 24 hours.
The next section on Widget Wizard asks you to select the Widget type. Select an option from the dropdown and click on the Save button.
Your widget should now appear on your dashboard. You can drag and drop to change its location and resize it as per your arrangement of widgets on the dashboard. Accordingly, you can add more widgets on your dashboard to populate it with visualizations.
Modifying an existing widget
At times, you may need to modify the settings of an existing widget for reasons such as changing the duration of data, selecting a different type of chart to visualize data, etc. First, go to the widget that you wish to modify. In its top-right corner, it displays index time, i.e., total duration for which it is visualizing the data, along with Settings and Delete icon. The Widget Wizard opens when you click on the Settings icon. To remove a widget, click on the Delete icon and confirm your choice.
Have you been able to set up customized dashboard and widgets for your organization? Feel free to get in touch with our Support team if you have any questions or queries.