Go to the table of contents Go to the previous page Go to the next page View or print as PDF
The Status Dashboards > Threats dashboard
Threats dashboard
Administrator Help | Forcepoint Web Security and Forcepoint URL Filtering | v8.5.x
Related topics:
Use the Threats tab of the Status > Dashboard page to monitor and investigate suspicious activity in your network.
*
*
The initial view of the Threats dashboard shows:
*
Top Security Destinations shows the top countries to which suspicious traffic is being sent, or in which sites associated with suspicious activity are hosted.
*
Security Events by Type shows the number of blocked requests, permitted requests, or both for sites (destinations) in the top security categories associated with malware threats.
*
Suspicious Event Summary lists information about threat-related events in your network.
A Status control in the top, right corner of the tab indicates whether Threats data is being updated automatically.
*
If the status is Running, click Pause to prevent data from being updated while you examine current results.
*
If the status is Paused, click Start to update the dashboard with any new data collected while updates were halted.
Additional controls at the top of the tab let you restrict the information in the charts and summary table to the specified:
*
*
*
With Microsoft SQL Server Express, the maximum time period is 30 days, and cannot be changed.
*
Click the Severity Mapping link for more information about the categories associated with each severity level.
*
*
For Super Administrators, the number of Advanced File Analysis requests made in the selected time period is also listed (see Advanced File Analysis report). Click the link to open the Reporting > Advanced File Analysis page and view the details.
Administrators can also use the Top Event Destinations map and Security Events by Type chart to further refine the information that appears in the summary table at the bottom of the page.
*
The size of the dot reflects the number of incidents associated with that country. Hover over a dot to see a tooltip showing the country name. (Hovering over a blue area without a dot displays the name of the continent.)
*
Each category is represented by a different color in the chart; hover over a bar or segment in the chart to see a tooltip showing the category name.
By default:
*
*
To modify the information in the map or the chart:
*
Click the Options icon, then select Edit.
*
Use the Top list (both elements) or Chart type list (Security Events by Category chart) to update the display.
Changing the "top" value or chart type does not affect the information displayed in the summary table.
The Suspicious Event Summary table offers a variety of options to help you identify specific events to investigate.
*
To stop filtering the table based on the term in the Search box, click Clear.
*
*
The Suspicious Event Summary can be customized to show or hide any of the following columns. The columns displayed by default are marked with an asterisk (*).
 
(Forcepoint Web Security only) Indicated by a magnifying glass icon (). Indicates whether the event included an attempt to send files.
(Forcepoint Web Security only) The name of the machine on which the activity occurred.
To add columns to the chart, or to remove columns, click the Customize link above the table. Mark or clear the check box next to a column name to add or remove the column from the table.
To export the contents of the table to a CSV file, click Export to CSV. Select the time period for which to export event data, then click Export.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
The Status Dashboards > Threats dashboard
Copyright 2018 Forcepoint. All rights reserved.