Indicators of Compromise Dashboard
Applies To: WatchGuard Advanced EPDR
The Indicators of Compromise (IOCs) dashboard provides insights into the results of the IOC search tasks. Several tiles show important information and provide links to more details.
For more information on IOC search tasks, go to Create an IOC Search Task.
Time Period Selector
The dashboard shows information for the time period selected by the administrator in the drop-down list at the top of the Status page.
You can select these time periods:
- Last 24 hours
- Last 7 days
- Last month
- Last year
Some tiles do not show information for the last year. If information from the last year is not available for a specific tile, a notification appears.
The IOC dashboard includes these tiles:
Most Detected IOCs
The Most Detected IOCs tile shows a graph with the IOCs detected on the computers on the network during the selected time period.
The graph includes the detected IOC name and the number of computers on which each IOC was found. The size of the rectangle is proportionate to the number of times that the specific IOC was detected as a percentage of all IOCs detected on the network.
Search tasks identify an IOC only once on each computer.
To open the Detected IOCs list filtered to show the selected IOC, click a rectangle in the graph.
Detected IOCs Trend
The Detected IOCs Trend tile shows a line graph of the number of IOCs detected over a period of time.
To open the Detected IOCs list filtered to show IOCs for the selected date, click a data point on the graph.
Last IOC Search Tasks
The Last IOC Search Tasks section shows a list of the most recent IOC search tasks created.
In this section, you can perform these actions:
- To edit task settings, click the task.
- To delete a task, click and select Delete.
- To open the Tasks page filtered to show all IOC search tasks, click View All.
- To open the Detected IOCs list filtered to show all completed detection tasks (failed and successful), click View IOC Detection History.