Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    2024.10.0
    2024.10.0
    2024.9.0
    2024.7.0

    Default dashboard

    Default dashboard

    The default dashboard includes five widgets, most of which are focused on detection activity. You can use the dashboard as both an analytical and operational tool to view and act on the most important threats on your system.

    Widget

    Description

    MITRE ATT&CK

    Detections are organized based on the MITRE ATT&CK® framework.

    • There are two bars for every detection activity:

      • The left bar will show detections from previous time period.

      • The right bar will show detections from current time period.

    • The column names may differ depending on the coverage on each account,.

    • Click the dates at the top of the widget to filter the chart by the previous and current weeks.

    • Hover over the bars in the chart to view the discover counts.

    • Click the bars in the chart to open the Detections Table. See, Detections Table.

    Observation

    The Observations widget shows all of the observation counts for current week in descending order as a scollable table. The number of observations is displayed next to Observation Title.

    • You can click the Observation Title to pivot to observation detail page.
    • Click the column headers to sort the table.
    • Hover over the data points in the graph to view detailed information about the observation.

    To filter the items in the widget:

    • Click Hide All Graphs and then click the toggle next to the observation you want to see.
    • Use the Confidence dropdown to filter observations based on the confidence level (All, High, Moderate or Low).

    Notable Detections

    Highlights active detections with the highest severity and detection count.

    Investigations

    Highlights investigations with the most recent activity.

    • The table is sorted by Last Modified. Any investigations that are modified appear at the top.

    • Click Investigations to open the Investigations page. See Investigations.

    • Click an investigation name to open the Investigation Details page.

    • Hover over Last Modified By or Name to view more information.

    Resolved Detections

    Displays daily resolved detection counts over time to highlight changes in activity (Total, Average and Maximum).

    You can click a data point in the chart or the Total detections, to view the resolved detections in the Defections Table.

    Previous
    Next

    Default dashboard

    Default dashboard

    The default dashboard includes five widgets, most of which are focused on detection activity. You can use the dashboard as both an analytical and operational tool to view and act on the most important threats on your system.

    Widget

    Description

    MITRE ATT&CK

    Detections are organized based on the MITRE ATT&CK® framework.

    • There are two bars for every detection activity:

      • The left bar will show detections from previous time period.

      • The right bar will show detections from current time period.

    • The column names may differ depending on the coverage on each account,.

    • Click the dates at the top of the widget to filter the chart by the previous and current weeks.

    • Hover over the bars in the chart to view the discover counts.

    • Click the bars in the chart to open the Detections Table. See, Detections Table.

    Observation

    The Observations widget shows all of the observation counts for current week in descending order as a scollable table. The number of observations is displayed next to Observation Title.

    • You can click the Observation Title to pivot to observation detail page.
    • Click the column headers to sort the table.
    • Hover over the data points in the graph to view detailed information about the observation.

    To filter the items in the widget:

    • Click Hide All Graphs and then click the toggle next to the observation you want to see.
    • Use the Confidence dropdown to filter observations based on the confidence level (All, High, Moderate or Low).

    Notable Detections

    Highlights active detections with the highest severity and detection count.

    Investigations

    Highlights investigations with the most recent activity.

    • The table is sorted by Last Modified. Any investigations that are modified appear at the top.

    • Click Investigations to open the Investigations page. See Investigations.

    • Click an investigation name to open the Investigation Details page.

    • Hover over Last Modified By or Name to view more information.

    Resolved Detections

    Displays daily resolved detection counts over time to highlight changes in activity (Total, Average and Maximum).

    You can click a data point in the chart or the Total detections, to view the resolved detections in the Defections Table.

    Previous
    Next