Overview tab

The Overview tab provides a summary of the host.

Host summary

The Host summary contains the Threats widget which gives a quick overview of the threats detected on the host.

Related campaigns

The Related campaigns section lists the campaigns that affect the selected host. For an overview of the campaign, click the link to access the Campaign summary sidebar.

Host identity

The host identity section contains:

  • Host IP The IP address of the host.

  • Host name The detected name of the host.

  • Host label The label for the host. Click the edit icon to edit the label.

  • Device MAC address Lists all known MAC addresses seen for the host. Under each entry are timestamps for the first and last time the MAC address was associated with the host. These MAC addresses are obtained from DHCP traffic that was detected on the network.

Host configuration

The host configuration section contains:

  • On home network To add the host, click the toggle to Yes. Otherwise click the toggle to No.

  • Silenced To add the host, click the toggle to Yes. Otherwise click the toggle to No.

Host properties

The host properties section contains:

  • Sensor The sensor that monitors or detected the host.

  • First seen Timestamp indicating when the host was first seen.

  • Last seen Timestamp indicating when the host was last seen.

  • Device type The type of device detected. This can be a manufacturer (for example, Microsoft or Dell), a specific device (for example, Samsung Galaxy Tab or Chromebook), a generic device type (for example, Endpoint, Mobile, or Server), or a combination of each.

  • OS The operating system detected. For example, Windows 10, Ubuntu 19.10, etc.

  • Users The users that were seen on the host during the current time frame. The source of the user information is displayed after each entry, for example, Active Directory or Proxy-Auth-HTTP-header.

  • Tags The user assigned tags.

Tags widget

You can associate dynamic tags with the host. This allows you to label hosts by user (for example, CEO or Finance), function (such as DB server), or any other category. You can also add or remove a system-defined tag or another existing tag.

To create a tag, enter text on the Add a tag line.

To remove a tag, click the cancel/close after the tag name.