5.6.9. Web UI `Assets` screen
The active equipment management interface presents a list of the various equipment present on the network classified by risk score.
The equipment with the highest risk score is the one with the most high criticality alerts.
After pressing the
`Assets` button on the navigation bar, the following screen is displayed.
Item |
Description |
|---|---|
1 |
Dashboard selector |
2 |
Active equipment list display area |
Note
If the message `This feature is disabled; check your configuration or your license` is displayed:
Check the NDR configuration, see the Configuring the NDR
Check license, see the `License` screen
5.6.9.1. `Assets` screen dashboard selector
The selector includes the following items:
Item |
Name |
Description |
|---|---|---|
1 |
Number of results |
Display of the number of records found |
2 |
Search field |
Enables entering a text to be searched in the page |
3 |
GCap selector |
Selection of GCap |
4 |
|
Select the GCap and and the period
`15 days ago`.The fast mode uses cached data to present faster results.
When fast mode is enabled (default), only two timerange are available : 15 days ago and yesterday.
When fast mode is enabled, it is not possible to filter by GCap.
|
5 |
Time period selector |
Selection of the display period if the Fast mode is enabled |
5.6.9.2. Active equipment list display area
The display consists of:
Item |
Description |
|---|---|
1 |
Type of risks. The risk level is indicated by the colour. The type of risk is indicated by the corresponding icons.
Above 2, an indicator shows the number of risk.
By clicking on this indicator, a window gives additional information.
|
2 |
`Engine`Engine which has detected the alert
|
3 |
`Name`Name of the active equipment either the IP address or the hostname
|
4 |
Type of the active device (laptop, smartphone...)
|
5 |
`OS`Operating system either MAC OS, IOS, Windows, Android or ... )
|
6 |
IP address
IP address of the infected device.
|
7 |
`MAC address` |
8 |
`MITRE`Viewing the MITRE category
|
9 |
`Tag`Tags field if indicated (Confirmed incident, Critical, Doing, Done)
|
10 |
`Notes`Notes field if indicated
|