Network Detection and Response – Reports
ID | Report Name | Report Description | Minimum Data Requirement | Recommended Data Requirement | Intelligent Indexing | Network Monitor Required? |
|---|---|---|---|---|---|---|
954 | Network : Top 10 Domains | For use with the LogRhythm Network Monitor. Shows top 10 Domains in use by bandwidth (bytes out + bytes in). | Firewall or Network Flow Data | LogRhythm Network Monitor, Next Gen Firewall | No | Yes |
955 | Network : Top 10 Applications | For use with the LogRhythm Network Monitor. Shows top 10 applications in use by bandwidth (bytes out + bytes in). | Next Gen Firewall | LogRhythm Network Monitor | No | Yes |
956 | Network : Top 10 Hostnames (Impacted) | For use with the LogRhythm Network Monitor. Shows top 10 hostnames (impacted) by bandwidth (bytes out + bytes in). | Firewall or Network Flow Data | LogRhythm Network Monitor, Next Gen Firewall | No | Yes |
957 | Network : Top 10 Hostnames (Origin) | For use with the LogRhythm Network Monitor. Shows top 10 hostnames (origin) by bandwidth (bytes out + bytes in). | Firewall or Network Flow Data | LogRhythm Network Monitor, Next Gen Firewall | No | Yes |
958 | Network : Unauthorized/Risky Application Usage | For use with the LogRhythm Network Monitor. This report provides a summary of unauthorized/risky applications identified by the LogRhythm Network and defined by the user. The list "Network: Unauthorized/Risky Applications" needs to be populated for this report to run. | Next Gen Firewall | LogRhythm Network Monitor | Yes | Yes |
959 | Rogue Host Detection Summary | For use with the LogRhythm Network Monitor. This report shows a summary of all hostnames picked up by the Rogue Host alarm. CIS Critical Security Control(s): CSC 1.1, CSC 1.4 | New Network Host AI Engine Rule | New Network Host AI Engine Rule | N/A | Yes |
960 | Summary Of AI Engine Events | This report shows a summary of all AI Engine events by day. | Network Threat Analytics AI Engine Rules | Network Threat Analytics AI Engine Rules | N/A | No |
1015 | Top Attackers Summary | This report provides a summary of top attackers by origin host. CIS Critical Security Control(s): CSC 6.4, CSC 6.6 | Any Security Log Source | IDS/IPS,Firewall,AV,Vulnerability Scanners,Security Devices | Yes | No |