
Security Operations: Step 5.2 - Respond | Dashboard and Report

  • October 31, 2024

Digital-Customer-Excellence
Staff


Google SecOps provides the type of visualization required to maintain awareness of security events, the SOC environment, and case information in one product. Being able to communicate with your team and security peers in an instant enables your team to manage threats effectively. Visualization can be a game changer. With Google SecOps’ Dashboards and Reports, users can visualize their security environment with ease.

 

Actions

SIEM Dashboards

Google SecOps’ Dashboard page in the platform enables analysts to manage dashboards, giving them an overview of the specified data in various views in the form of widgets. A dashboard holds a maximum of 12 widgets, which can display data in various forms such as pie charts, horizontal or vertical bars, tables, ROI charts, etc., for any specified SOC environment or case occurrence time.

 


Steps
  1. Users will navigate to the left-side Navigation Bar and then select from the Dashboards and Reports dropdown menu.
  2. Users will then select SIEM Dashboards from the dropdown menu, which will display the SIEM Dashboards available. 
  3. The SIEM Dashboard page sidebar will display the following options:
    1. Default Dashboards
    2. Personal Dashboards
    3. Shared Dashboards
  4. If there are no Dashboards available, or the user would like to add a Dashboard, select the Add button, next to Personal Dashboards or Shared Dashboards.
  5. In the Add Dashboard dropdown menu, users can select to:
    1. Create New
    2. Import Dashboard
  6. At the top-right of the SIEM Dashboards page, users can select to:
    1. Reload the page
    2. Hide Filters
    3. Use Dashboards Actions
  7. In the Dashboard Actions selection, users can choose to:
    1. Clear Cache and Refresh
    2. Download
    3. Schedule Delivery
    4. Reset Filters
  8. In the Default Dashboards, users will see the pre-defined Dashboards consisting of:
    1. Context Aware Detections - Risk
    2. Data Ingestion and Health
    3. IOC Matches
    4. Main
    5. Rule Detections
    6. User Sign In Overview
  9. If a user selects to add a New Dashboard, users will see a New Dashboard page. In the middle of the page, users will see the words “This Dashboard is Empty.” Users will select the Edit Dashboard button, below the text.
  10. Users will name the New Dashboard, and select the Add button. After selecting the Add button, users will see a dropdown menu that will display the following options for the Widgets that will be added to the Dashboard:
    1. Visualization 
    2. Text
    3. Markdown
    4. Button
  11. Users will be able to explore different Visualizations:
    1. Entity Graphs
    2. IOC Matches
    3. Ingestion Metrics
    4. Rule Detections
    5. Rulesets with Detections
    6. UDM Events
    7. UDM Events Aggregates
  12. Users will be able to add a Text Widget, in the Edit Dashboard.
  13. Markdown Tiles are options for formatting the user’s Text or adding Links and Images that can make your Dashboards pop. Users can select a Markdown Tile, in the Edit Dashboard.
  14. Users will be able to Add a Button, with both Content and Design options:
    1. Content
      • Label
      • Link
      • Description
    2. Design
      • Button Style
      • Color
      • Button Size
      • Alignment
  15. When all fields and options are complete, users will select Save.
Relevant Documentation Links

 

 


SOAR Dashboards

Google SecOps’ Dashboard page in the platform enables analysts to manage dashboards, giving them an overview of the specified data in various views in the form of widgets. A dashboard holds a maximum of 12 widgets, which can display data in various forms such as pie charts, horizontal or vertical bars, tables, ROI charts, etc., for any specified SOC environment or case occurrence time.

 


Steps
  1. Users will navigate to the left-side Navigation Bar and then select from the Dashboards and Reports dropdown menu.
  2. Users will then select SOAR Dashboards from the dropdown menu, which will display the SOAR Dashboards available. 
  3. The SOAR Dashboard page will display the selected Dashboard, which can be selected from the Dashboard Selection menu at the top-left of the page. Below the Dashboard Selection menu, users can see the Owner of the Dashboard.
  4. On the top-right of the Dashboard, users will see:
    1. Filter Option
      • Time Range
      • Environment
    2. Menu
      • Share Dashboard with Others
      • Export
      • Save as a Report Template
      • Delete Dashboard
    3. Refresh
    4. Import
    5. Add Widget
  5. To add a New Widget, users will select the Add Widget button, or the empty Widget with a plus sign, and the Widget Settings popup will appear.
  6. The Widget Settings popup will allow users to:
    1. Select Data Display (Graph, Entity, Chart)
    2. Corresponding Fields
      • Number Of
      • Calculate Field
      • Group By
      • Number of Results
      • Order By
    3. Title
    4. Widget Width
    5. Filters
    6. Preview
  7. When complete, users will select Create.
Relevant Documentation Links

 

 


SOAR Reports

Google SecOps Reports are useful for justifying Return on Investment (ROI) to upper management and for providing transparency and accountability to customers and colleagues.

Google SecOps provides analysts with five predefined Reports and the option to create new ones. You can export and import Reports to other platforms.

 


Steps
  1. Users will navigate to the left-side Navigation Bar and then select from the Dashboards and Reports dropdown menu.
  2. Users will then select SOAR Reports and the SOAR Reports page will appear.
  3. Users will see five pre-defined report templates available:
    1. General
    2. Management
    3. ROI
    4. SLA
    5. Tier 1
  4. Users can select the following options at the top of the Reports page:
    1. Search field
    2. Menu
    3. Refresh
    4. Import
    5. Add New Template
  5. Users will see a list of available reports, under the following columns:
    1. Category
    2. Name of Template
    3. Created By
    4. Creation Time
    5. Scheduler
    6. Generate Report
  6. When a Report is selected, users will see an Editor and Scheduler section to the right of the Report List.
  7. When a user selects a Report, the Widgets that the user wants in the Report can be edited by selecting the Edit Widget button, which will appear when the user’s mouse hovers over the Widget they choose to Edit.
  8. Additionally, users can delete Widgets by selecting the Delete button, next to the Edit Widget button.
  9. To Schedule a Report, users will select the Scheduler section and click on the Add New Schedule button.
  10. In the Scheduler section, users can select the following fields:
    1. Enable
    2. Environment
    3. Time Frame
    4. File Type
    5. Mail to
    6. Message
    7. Repeat Schedule
    8. Set Time
  11. When complete with the Scheduler, users will select Save.
  12. To Generate a Report, users will select from a listed Report, and click Generate, which will display a Generate Report popup.
  13. In the Generate Report popup, users will select the following options:
    1. Environments
    2. Time Frame
    3. File Type
  14. When complete, users will select Download. The Report will appear in the user’s download folder, available to disseminate.
Relevant Documentation Links

 

 

Next Step: Security Operations: You have completed your Google SecOps Journey! 

Previous Step: Security Operations: Step 5.1 - Respond | Response