CloudGuard AppSec provides fours views for monitoring system events:
- Graphical Dashboard - graphical view of security events with Critical & High severity.
- Important Events - tabular view of security events with Critical & High severity.
- All Events - tabular view of all security event including events with Medium, Low and Info severity.
- Notifications - tabular view of administrative system events.
The AppSec dashboard is a single-pane view of important security events.
To reach the dashboard select Monitor, then AppSec Dashboard in the main menu.
Controls in the dashboard are clickable and will allow you to drill down and see granular event details.
Following is a description of the Dashboard sections:
You can right click on Dashboard items to drill down as well as "filter in" or "filter out":
When you double click on an event, a card shows details about the specific event.
You can filter events based on time ranges by clicking the time filter selector at the top left corner.
CloudGuard AppSec features an extensive event query language. For more details see here:
When browsing to Monitor->Notifications a specific log view is shown.
This view includes notifications to the user about an issue and a remediation action item, usually regarding detection of a configuration or environment issue CloudGuard AppSec has detected around it.
The Log view includes a "Remediation" column where the instructions will be shown.
Urgent notifications, if there are any, will appear on the top bar of the application in any page, leading to this page for additional information.