Top Policy Violations Notification Widget

This feature is only available in the new LogRhythm NDR UI.

1. Log in to the LogRhythm NDR UI.

2. Click the blue Try New UI tab at the top-right corner of the Dashboard.
   A new tab appears that allows you to log in to the new UI.

3. Log in to the new LogRhythm NDR UI. 

   For information on how to set up a log in for the new NDR UI, see Top Policy Violations Notification Widget | id (2024.05)TopPolicyViolationsNotificationWidget LogintotheNewNDRUI.

   
   In the Dashboard, the Top Policy Violation widget appears.

4. To select the time interval, use the date range picker at the top-right corner of the Dashboard.

5. To see the cursor tool tip, place the mouse over the entries in that widget.
   More information for that particular widget appears, including UUID, State, and Entry type.

6. To see more values (like Certainty, Severity, and Score), place the mouse over the image in that particular entry.

7. Change the settings at the top of the widget to do the following:
   Change the number of items shown in this widget.
   Switch between incidents and policy violations.
   Sort the entries in this widget by Certainty, Severity, or Score.

8.  To go to the respective Policy violation page or incident page, click the entry in the widget.

Log in to the New NDR UI

1. Log in to the LogRhythm NDR UI.

2. In the top right of the page, place your cursor over your profile name and role and click Edit Profile.
   The Edit Profile page appears.

3. To enable the Keycloak login, click the Enable Keycloak Login checkbox.
   The Credentials for Keycloak login box appears. 

4. Type a new password in the Password field and in the Confirm Password field and click Create.  
   The message "Created Successfully" appears.

5. Click Ok.

6. Click the blue Try New UI tab.
   The new UI opens in a new tab.

7. Enter your username and new password you created and click Sign In. 
   The Dashboard of the new UI appears.