Skip to main content
Skip table of contents

Network Detection and Response User Guide – Reports

This section includes the Reports that are included in the Network Detection and Response Module.

Network: Top 10 Domains

Report ID: 954

Shows the top 10 domains in use by bandwidth (bytes out + bytes in). For use with the LogRhythm Network Monitor.

Minimum Log Sources

Firewall or Network Flow Data

Recommended Log Sources

    • LogRhythm Network Monitor
    • Next-Gen Firewall

Network: Top 10 Applications

Report ID: 955

Shows the top 10 applications in use by bandwidth (bytes out + bytes in). For use with the LogRhythm Network Monitor.

Minimum Log Sources

Next-Gen Firewall

Recommended Log Sources

LogRhythm Network Monitor

Network: Top 10 Hostnames (Impacted)

Report ID: 956

Shows the top 10 hostnames (impacted) by bandwidth (bytes out + bytes in). For use with the LogRhythm Network Monitor.

Minimum Log Sources

Firewall or Network Flow Data

Recommended Log Sources

    • LogRhythm Network Monitor
    • Next-Gen Firewall

Network: Top 10 Hostnames (Origin)

Report ID: 957

Shows the top 10 hostnames (origin) by bandwidth (bytes out + bytes in). For use with the LogRhythm Network Monitor.

Minimum Log Sources

Firewall or Network Flow Data

Recommended Log Sources

    • LogRhythm Network Monitor
    • Next-Gen Firewall

Network: Unauthorized/Risky Application Usage

Report ID: 958

Summary of unauthorized/risky applications identified by the LogRhythm Network and defined by the user. To work, populate the Network: Unauthorized/Risky Applications list.

Minimum Log Sources

Next-Gen Firewall

Recommended Log Sources

LogRhythm Network Monitor

Rogue Host Detection Summary

Report ID: 959

Summary of all hostnames picked up by the Rogue Host alarm. For use with the LogRhythm Network Monitor.

Minimum Log Sources

New Network Host AI Engine Rule

Recommended Log Sources

New Network Host AI Engine Rule

Summary Of AI Engine Events

Report ID: 960

Summary of all AI Engine events by day. For use with the LogRhythm Network Monitor.

Minimum Log Sources

Network Security Analytics AI Engine Rules

Recommended Log Sources

Network Security Analytics AI Engine Rules

Top Attackers Summary

Report ID: 1015

Summary of top attackers by Origin-Host.

Minimum Log Sources

Any Security Log Source

Recommended Log Sources

    • IDS/IPS
    • Firewall
    • AV
    • Vulnerability Scanners
    • Security Devices


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close