Dashboards
Detection Insights
An absolutely essential ES add-on for health checks, configuration audits, and scheduling insights. Be sure to follow the installation guide and install the additional visualizations.
Octamis XBaseD Detections
A fantastic set of dashboards for risk-based detection health as well as investigating risk alerts from RedTigR on the Outpost Community Slack.
Threat Object Fun
Dashboards focused around utilizing threat object for tuning, automation, and hunting by me (Haylee) and Stuart McIntosh. You can watch our .conf23 talk here or view our slides to get more context on how to use threat object effectively.
EDR Allowlist
A simple add-to-allowlist dashboard example, so analysts can easily add to a lookup referenced in detection SPL and implement tuning quickly.
Old RBA Dashboards for Reference / Inspiration
ATT&CK Matrix Risk (Business View)
Portrays risk in your environment through the lens of RBA and the MITRE ATT&CK framework.
Attribution Analytics (Tuning View)
audit_attribution_analytics.xml
Helpful for tuning new detections.
RBA Data Source Review
This helps you better understand which data sources you are using in RBA and see gaps in your coverage.
Risk Attributions (Investigative View)
Risk Attributions.
Risk Investigation
Risk Investigations.
Risk Notable Analysis
risk_notable_analysis_dashboard.xml
Risk Notable Analysis.