Dashboard
- Print
- PDF
Dashboard
- Print
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Available in Classic
In Dashboard, you can check the results of detections and actions taken by the security services of Basic Security during the search period. In addition, it delivers weekly and monthly reports that summarize detection and action results via email, helping users monitor effectively.
Caution
- Anti-virus, WAF, Anti-DDoS, and IPS are paid security services dedicated to Security Monitoring Managed. Please refer to Security Monitoring Guide for more information about Security Monitoring Managed.
- You can only see the dashboard for the security services to which you've subscribed.
Dashboard page
The basics of using Dashboard are as follows.
| Field | Description |
|---|---|
| ① Menu name | Name of the menu currently being viewed |
| ② Basic features | Inquire about using Basic Security, check its details, refresh the Dashboard page |
| ③ Security services | Tab menu for each security service |
| ④ Dashboard | Area to view detection and action results by security service |
View Dashboard
You can check the results of detections and actions taken by security services during the search period in tables and graphs. The following describes how to view the information.
- From the NAVER Cloud Platform console's Region menu, click and select the region you're using.
- From the Platform menu, click and select Classic.
- Click the Services > Security > Security Monitoring menus, in that order.
- Click the Dashboard menu.
- Click the tab menu of the security service for which you want to view the detection and action results.
IDS
When you click the IDS tab menu, you can view the detected attacks for the search period. The following describes how to check the detection results of IDS.
- When the IDS page appears, click and select the period you want to search from Select period.
- When entering manually, the maximum search period is 31 days.
- To add search conditions, set the necessary items from Zone, Attack type, Attacker IP, and Target IP.
- Click the [Search] button.
- Check the search results.
- Registered time: the time when the detected security event was registered on the console
- You can check the actual detection time of the security event in View details.
- Zone: the zone where the security event was detected
- Attack type: the attack type of the detected security event
- Report type: information according to the analysis result of the detected security event
- Analysis report: It is determined to have an effect on the user's service, and needs to be checked by the user.
- Vulnerability action recommendation: A vulnerability has been detected on the user's service, and actions need to be taken.
- Intrusion analysis: It is determined to be an intrusion, and emergency actions need to be taken.
- Attacker IP: detected attacker IP address
- Target IP: IP address targeted for the attack
- View: For more information on detection information and load balancer information (when the target of the attack is LB IP) of the security event, click View details.
- Registered time: the time when the detected security event was registered on the console
- Click View graph to see the statistical figures for the search result in a graph.
- Check the graph.
- Number of detected attacks by attack type: You can check the number of detected attacks by attack type when you hover the mouse over it.
- Rate of detected attacks by attack type: You can check the rate of detected attacks by attack type when you hover the mouse over it. Then, you can click attack types to select only the items you want to see in the graph.
- Number of detected attacks by attacker IP: You can check the number of detected attacks by attacker IP when you hover the mouse over it.
- Rate of detected attacks by attacking country: You can check the rate of detected attacks by attacking country when you hover the mouse over it. Then, you can click attacking countries to select only the items you want to see in the graph.
Note
- To close the graph you checked from Step 6, click Hide graph.
- In Step 6, the attacking country is determined through the attacker IP, and the country name is indicated by the country code. Refer to ISO 3166-1 alpha-2 for country codes.
Anti-virus
When you click the Anti-virus tab menu, you can view the information of detected malware for the search period. In addition, you can check the method that was used to handle the detected malware. The following describes how to check the detection and action results of Anti-virus.
- When the Anti-virus page appears, click and select the period you want to search from Select period.
- When entering manually, the maximum search period is 31 days.
- To add search conditions, set the necessary items from Zone, Detection name/Detection path and Detected IP.
- Click the [Search] button.
- Check the search results.
- Detection time: the time when the security event was detected
- Zone: the zone where the security event was detected
- Detection name: name of the detected malicious file
- Detected IP: the IP address where the malware was detected
- Detection path: the location where the malware was detected
- Action status: It refers to the method used to handle the detected malicious file. It is categorized as follows: Quarantine, Pass, and Delete.
- Click View graph to see the statistical figures for the search result in a graph.
- Check the graph.
- Number of detections by detection name: You can check the number of detections by detection name when you hover the mouse over it.
- Number of detections by detection IP: You can check the number of detections by detection IP when you hover the mouse over it.
Note
To close the graph you checked from Step 6, click Hide graph.
Was this article helpful?