Overview

Navigate to Threats > Overview to display incidents logged in your network.

With the buttons at the top of the content area, you can select the reporting period. In the information fields and in the Logs Severities charts, the incidents logged in the selected reporting period are displayed by level of severity.

There are four levels of severity:

• High

• Medium

• Low

• Notice

The other charts on this dashboard display the countries, assets, and internal IP addresses involved in the logged incidents. The IPS, MISP, and policy events detected by Threat Defender are also displayed.

Note

Information on Source Countries and Destination Countries is based on GeoIP values. If you use a private IP range, the source and/or destination country is displayed as Unknown or invalid territory.

From here, you can drill down into deeper reporting levels to further investigate any suspicious traffic.