The OTbase EVENTS page, accessible from the main menu, allows you to monitor several event categories such as newly discovered devices or new CVEs that affect your installed base.
You can select the event type that you want to examine by clicking on any of the exposed boxes in the upper screen area. The selected event type is identified by an orange line around the box. In the example above, the New CVE event type is selected.
Note that you can re-sort the tables by clicking on a column header, and customize the tables by moving columns with drag-and-drop. Right-click on any of the column headers will pop up a context menu that allows you to activate or de-activate certain columns.
A double click on any specific table row (drill-down) will open a new browser window with additional detail on the selected entry.
Selecting a time range
You can select the time range (last 24 hours, last 7 days, or last 30 days) in the drop-down in the upper right corner.
New devices
This list shows any new devices that were discovered within the selected time range.
Changed devices
This list shows any devices for which a configuration change was detected within the selected time range.
Health events
This list shows any asset health events that were detected within the selected time range. Asset health events may be faulty hard disk, memory exhaustion, CPU exhaustion, etc.
New CVE
This list shows new CVEs affecting your installed base that dropped during the selected time range. Note that you will also see CVE changes. So if a pretty old CVE was changed within the selected time range, it will also be exposed.
New problems
This list shows new problem reports within the selected time range.
Change cases
This list shows new change cases within the selected time range.
Changed systems
This list shows any configuration changes for OT systems within the selected time range, if the configuration for a system was previously marked as approved. Different from configuration changes for individual devices, changes of approved system configurations may indicate a violation of system integrity.
Devices not seen
This list shows devices that have not been seen by OTbase Discovery within the selected time range.
New data flow
This list shows new data flow that was picked up within the selected time range. Note that the exposure of data flow requires network gear that supports the Netflow or SFlow services.
Email notifications
You may receive event notifications by email if your administrator has activated this functionality on the MAINTENANCE page.
Export to Excel
The selected event table can be exported to Excel by clicking the button on top of the page.
Comments
0 comments
Please sign in to leave a comment.