TOC & Recently Viewed

Recently Viewed Topics

Custom Dashboard Component Options

First, configure general options for your component.

General Option Description

Name

A name for the dashboard component.

Description

A description for the dashboard component. The Description appears on the Dashboards page when you hover over a dashboard component.

Schedule

Frequency with which the component polls the data source to obtain updates. Available frequency options include: minutely (15 minutes, 20 minutes, 30 minutes), hourly (1 hours, 2 hours, 4 hours, 6 hours, 12 hours), daily (default) with a time of day, weekly repeating every 1-20 weeks and selection of the day(s) of week, monthly repeating every 1-20 months (by day or date), and never.

Caution: Excessively frequent updates may cause the application to become less responsive due to the added processing load imposed on the host OS.

Then, configure specific options for your component type: Table Component Options, Bar Chart Component Options, Pie Chart Component Options, Line and Area Chart Component Options or Matrix Component Options.

Table Component Options

Option Description

Data

Query

Predefined query used to further narrow down the data source options. If a query does not exist or is not desired, it may be left unselected. The query may be used as is or as a template on which to base the Filters option.

Type

Vulnerability, Mobile, Event, Ticket, Alert, or User.

Source

For vulnerability data type, sources include Cumulative or Mitigated depending on the desired data source. For event type, the source defaults to Active.

Note: The Source option is not available because only active event data is permitted for event-based components.

Tool

Determines the analysis tool to use for creating the chart.

Filters

Additional filters to use on the data source. For more information, see Filters.

Display

Results Displayed

The number of displayed results (maximum: 999). If the Viewport Size setting is smaller than this setting, the results display is limited to the Viewport Size setting with a scrollbar to display the additional results.

Viewport Size

The number of records (maximum: 50) to display along with a scrollbar to handle additional records. For example, if Results Displayed is set to 100 and Viewport Size is 15, 15 records are displayed with a scrollbar to view the additional 85 records.

Sort Column

(Except Event Data Type) Column that the results are sorted by.

Sort Direction

(Except Event Data Type) Descending (default) or Ascending.

Display Columns

Desired columns to be shown in the component output.

Bar Chart Component Options

Option Description

Data

Query

Predefined query used to further narrow down the data source options. If a query does not exist or is not desired, it may be left unselected. The query may be used as is or as a template on which to base the Filters option.

Type

Vulnerability, Mobile, Event, Alert, or Ticket.

Source

For vulnerability data type sources, include Cumulative or Mitigated depending on the desired data source. For event type, the source defaults to Active.

Note: The Source option is not available because only active event data is permitted for event-based components.

Tool

Determines the analysis tool to use for creating the chart.

Filters

Additional filters to use on the data source. For more information, see Filters.

Display

Results Displayed

The number of displayed results (maximum: 100).

Sort Column

(Vulnerability/Ticket Data Type only) Column that the results are sorted by.

Sort Direction

(Vulnerability/Ticket Data Type only) Descending (default) or Ascending.

Display Column

Desired column shown in the component output.

Pie Chart Component Options

Option Description

Data

Query

Predefined query used to further narrow down the data source options. If a query does not exist or is not desired, it may be left unselected. The query may be used as is or as a template on which to base the Filters option.

Type

Vulnerability, Mobile, Event, or Ticket

Source

For vulnerability data type sources If Data Type of Vulnerability is chosen, sources include: Cumulative or Mitigated depending on the desired data source. For event type, the source defaults to Active.

Note: The Source option is not available because only active event data is permitted for event-based components.

Tool

Determines the analysis tool to use for creating the chart.

Filters

Vulnerability, Event, or Ticket filters used to narrow down the series source. For more information, see Filters.

Display

Results Displayed

The number of displayed results (default: 10).

Sort Column

Column that the results are sorted by.

Sort Direction

Descending (default) or Ascending.

Display Columns

Desired columns shown in the component output.

Line and Area Chart Component Options

Option Description

Data

Date Type

The date type can be relative to the current time when the chart is loaded or an absolute time frame that is the same on each page visit.

Date Range

Available options include:

  • Last Minutes – 15, 20, 30
  • Last Hours – 1, 2, 4, 6, 12, 24 (default), 48, 72
  • Last Days – 5, 7, 25, 50
  • Last Months – 3, 6, 12

Add/Edit Series

Name

Series name

Data

Data Type

Note: For line/area charts, vulnerability data analysis often requires that the underlying repository be a trending repository. If the selected repository is not a trending repository, no historical analysis is available.

Vulnerability or Event.

Query

Predefined query used to further narrow down the data source options. If a query does not exist or is not desired, it may be left unselected. The query may be used as is or as a template on which to base the Filters option.

Filters

Filters used to narrow down the series source. For more information, see Filters.

Display

Series Data

Data to display in the chart (Total, Info, Low, Medium, High, Critical).

Matrix Component Options

For information about configuring matrix components and to download samples, visit the Tenable™SecurityCenter Dashboards blog: http://www.tenable.com/sc-dashboards.

Option Description

Cells

Size

Creating a Matrix chart starts with defining the size. SecurityCenter supports matrices from 1x1 to 10x10. Click the Generate Cells link to create the initial blank matrix which may be populated and further defined with settings described below.

Column

(max 10)

Columns are normally used to define a group of vulnerability, mobile, event, ticket, user, or alert data. For example, five columns could be used in a matrix component, one each for critical, high, medium, low, and informational vulnerabilities. Hover the cursor over the right-hand side of the top cell of a column to display a drop-down box.

The header drop-down box contains three options: Edit Header, Delete Cells, and Copy.

Click on the Edit Header option to set the column name and update frequency. The update frequency determines how often the underlying data set is refreshed. Refreshing the data more often is useful for seeing a more current view of the data; however, it can have a detrimental effect on system performance. Matrix columns are updated as clusters and not individually. For example, if column A and C have an update frequency of Daily and column B has an update frequency of Every 12 Hours, columns A and C update together and column B updates by itself. This means that if there is a missing query in column A, column C does not update. However, if there is a missing query in column B, columns A and C update.

Click on Delete Cells to delete the column of cells. There is not a confirmation window.

Click on Copy to copy the current column, which may then be edited as needed. Once 10 columns exist, the Copy option is no longer available.

Row

(max 10)

Rows are another grouping element, used to define the operations being performed against each column element for that row. For example, if each column determines the vulnerability type (critical, high, medium, low, and informational), a row could be created labeled Ratio. Each cell in that row could be used to calculate the ratio of the particular vulnerability type count against the total vulnerability count.

Hover the cursor over the right-hand side of the cell in a row entry to display a drop-down box. The box contains options to Edit Header, Delete Cells, and Copy.

Click on Edit Header to change the header name for the row.

Click on Delete Cells to delete the row of cells. There is not a confirmation window.

Click on Copy to copy the current row, which may then be edited as needed. Once 10 rows exist, the Copy option is no longer available.

Editing Cells

Cells contain the actual data operations. Cells are defined by query and condition options. Click on a cell to modify the cell definition. The options are described below:

Query Options

For more information, see Matrix Component Query Options.

Display Options

The display options determine the background and foreground colors along with any custom text, if applicable.

Rules

There are two basic types of rules in a matrix cell definition: the default (or fallback) rule and rule(s) that are added. By default, a single editable rule is added to each cell definition. This rule cannot be deleted and describes what appears in the cell if no other conditions have been defined or triggered. A default condition looks similar to the following:

This rule can be edited to display any of the available display options. Added rules may look similar to the following:

When hovered over, a rule displays an edit and a delete icon. To save edits to a rule, click the checkmark icon or click the x icon to cancel the changes.

Rules are reviewed from top to bottom and trigger the display rule on the first rule match. Once a rule triggers, none of the subsequent rules are reviewed. If none of the added rules match, the default rule is automatically performed.

Matrix Component Query Options

Option Description

Data

Type

Available types include: Query Value, Static Text, Icon, Bar, and Ratio

Data Type

Available data types include vulnerability, mobile, event, ticket, alert, and user. The query value rules displayed in the condition section are dynamically defined by the data type used. For example, if a data type of Event is chosen, query value rules include Event Count, IP Count, or Port Count.

Filters

Filter the data based on specific parameters.

Rules

Type

Available types include: Query Value, Static Text, Icon, Bar, and Ratio.

Rule

Note:Bar and Ratio charts use ratios rather than counts in the lists below.

  • Vulnerability: IP Count, Port Count, Score Count, and Vulnerability Count
  • Mobile: Vulnerability Count, Device Count, and Score Count
  • Event: IP Count, Port Count, Score Count, and Event Count
  • Ticket: Ticket Count
  • Alert: Alert Count
  • User: User Count

Copyright 2017-2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.