Viewing the Dashboard

Administrator Help | TRITON AP-DATA | Version 8.3.x

By default, the Dashboard opens every time you access the Data module of the TRITON Manager. This page shows a comprehensive view of data loss prevention incidents that occurred in the last 24 hours, and the total number of discovery incidents.

From the Dashboard, you can see any system health alerts and act on them quickly and easily. You can also view incidents by host names and policy categories so you know where your greatest risks lie.


	Note The page displays only incidents that the current administrator is authorized to view. Adobe Shockwave Player is required.

Health Alert Summary

The Today section shows relevant license information, system messages, configuration gaps, and deployment updates.

Click on an alert to see further information or take action on any issues. For example, if the Health Alert Summary is displaying missing essential configurations and actions, click the link to see further details and direct links to the required fixes.

Business Value

This section displays the approximate amount of data collected over the last 24 hours, including:

Inspected Web traffic - The number of Web transactions (including Web and FTP posts) that were analyzed, and the cumulative volume of the traffic in megabytes.

Inspected email messages - The number of email messages that were analyzed, and the cumulative size of the messages in megabytes.

Inspected mobile device messages - The number of email messages that were analyzed when being sent to mobile devices from network Exchange servers, and the cumulative size of the messages in megabytes.

Discovery inspected items - the number of files plus the number of database chunks scanned using network discovery, and the cumulative size of these items in megabytes. (A database chunk equals ~5000 records.)

Connected endpoints - The number of endpoint clients connected to the system.

Synchronized mobile devices - The number of mobile devices that have synchronized with the mobile agent in the last 24 hours (may be fewer than the number of registered devices).

Data Loss Prevention Incidents

Data Loss Prevention Incidents displays the number of data loss prevention incidents that have been detected in the last 24 hours. Two graphs are included:

Incident Risk Ranking - Top Cases (dd mm yyyy): Cases are groups of related incidents that, combined, indicate a risk to your organization—for example, incidents of data being sent to suspicious destinations or those occurring outside normal office hours.

Cases are assigned risk scores based on sophisticated security analytics.

This chart displays the number of cases during the last 24 hours with scores above your threshold. You specify which scores to display under Settings > General > Reporting.

Click the chart to view details on each case.

Incident Risk Ranking - Top Cases (last 7 days): displays the number of cases that were detected during each of the last 7 days. The height of the bars and the value shown inside represent the number of the risky cases for each date. This number is determined by the threshold you set under Settings > General > Reporting.

Incidents by Severity: displays the number of incidents that have entered the system in the last 24 hours by severity. These include all incidents that the system has detected.


Field	Description
High	Number of incidents that have been set to the most severe setting and should be handled immediately.
Medium	Number of incidents that have been set to the medium severity setting and should be handled soon.
Low	Number of incidents that have been set to the most lenient severity setting and should be handled.

Top 5 Policies: displays the policies that had the most incident violations, and the number of incidents in each of these policy categories.

The Last data loss prevention incident field provides the exact date and time the last incident was logged in TRITON AP-DATA.

Clicking the My data loss prevention incidents link displays the incident summary screen where you can view and manage the incidents assigned to you.

Discovery Incidents

Discovery Incidents displays the total number of discovery incidents detected by a TRITON AP-DATA discovery scan. Two graphs are included:

Top 5 Hosts: displays the top 5 violating hosts and the number of incidents detected on these hosts broken into categories of urgency. (See above.)

Top 5 Policies: displays the top 5 policy categories that were violated, and the number of incidents discovered for these policy categories.

The Last discovery incident and My discovery incidents fields work the same as for data loss prevention incidents. (See above.)