Reports
Click ‘Reporting’ on the left menu
- SOCaaP - Alerts/Escalations provides a variety of reports such as endpoint compliance, weekly report and more.
- By default, reports are shown for the past seven days
- To view reports for a different time period, click the date range at the top and choose from the options:
- To view data for a custom period, select from and to dates from the calendars
- Click 'Update'
Use the filters to search for particular reports:
- Select the report type and click ‘Search’
- Reports matching the filter are shown below.
- Click ‘Clear’ to view all reports again.
The lower pane shows the reports for the selected time period:
Click a column header to sort the reports in alphabetical / ascending / descending order.
- Report Name – The report label
- Report Type – Report category
- Reported at – Report generated date and time
- Period – Indicates the ‘from’ and ‘to’ days for which the report is generated
- Status – Whether the report is downloaded or not. A closed envelope icon indicates the report is not downloaded.
- View Report - Click this to save the report.
Download a report
- Click the arrow in the report row that you want to save:
- Click ‘OK’ to save the report.
Report Type | Frequency | Description |
---|---|---|
Weekly report | Weekly | Report of actionable incidents, unusual network traffic, threat types, log collection summary and more. |
EDR operational report | Weekly | Contains the outputs of the continuous monitoring and response service for advanced threat protection of endpoints. |
Dashboard report | On-demand | Total events received from sources such as domain controller, Palo Alto, web proxy, Proofpoint and so on. |
Endpoint compliance report | Weekly | Details such as total number of enrolled devices, last reporting status, Xcitium anti-virus product version status, new malware detected in the past week and so on. |
Executive report | Monthly | Includes a work summary, such as details of investigated and notified incidents and log collection details. Also contains some analytics on data collected from the customer and a summary of the customer's overall security level. |
Threat intelligence report | Monthly | A report of vulnerabilities analyzed by the SOC team on all customer products. It includes the latest threats analyzed as well as the result of SOC checks in the customer networks. |
Incident report | Weekly | Contains information about network and system security. |