Dashboard Reference

Dashboards and widgets provided by different packages are listed below.

| Package | Dashboard |
| --- | --- |
| apache/http-server | Error log analysis |
| apache/http-server | HTTP errors |
| apache/http-server | IOC matches for client IP |
| apache/http-server | IOC matches for referer domain |
| apache/http-server | Overview |
| apache/http-server | Visitor insights |
| apache/kafka-metricbeat | Kafka Monitoring |
| cisco/asa | Events |
| cisco/asa | Overview |
| cloudflare/area1emailsecurity | Cloudflare Email Security Starter |
| crowdstrike/falcon-devices | CrowdStrike Falcon Devices: Overview |
| crowdstrike/falcon-devices | CrowdStrike Falcon Devices: Policies |
| crowdstrike/fdr | 00 - FDR Package Announcement - Please Read |
| crowdstrike/fdr | Detections by Instance |
| crowdstrike/fdr | Detections by Type |
| crowdstrike/fdr | Domain Search |
| crowdstrike/fdr | File Vantage |
| crowdstrike/fdr | Hash Search |
| crowdstrike/fdr | Host Search |
| crowdstrike/fdr | IP Search |
| crowdstrike/fdr | Monitor Deployment |
| crowdstrike/fdr | Process Context Events |
| crowdstrike/fdr | Dev - Software Inventory |
| crowdstrike/fdr | Threat Hunting |
| crowdstrike/fltr-core | Audit - Falcon UI Logs |
| crowdstrike/fltr-core | Detections - By AgentId |
| crowdstrike/fltr-core | Detections - By Alert Type |
| crowdstrike/fltr-core | Detections - Event Summary |
| crowdstrike/fltr-core | Detections - File Vantage |
| crowdstrike/fltr-core | Detections - MITRE ATT&CK Evaluation |
| crowdstrike/fltr-core | Health - Cloud Workload Protection |
| crowdstrike/fltr-core | Health - Inventory of Installed Software |
| crowdstrike/fltr-core | Health - Linux Sensors |
| crowdstrike/fltr-core | Health - Monitor Deployment |
| crowdstrike/fltr-core | OS - Windows Account Discovery |
| crowdstrike/fltr-core | OS - Windows User Logon Activity |
| crowdstrike/fltr-core | Search - Acquire Host Details |
| crowdstrike/fltr-core | Search - By AgentId |
| crowdstrike/fltr-core | Search - By DNS |
| crowdstrike/fltr-core | Search - By File Hash |
| crowdstrike/fltr-core | Search - By IP Address |
| crowdstrike/fltr-core | Search - By Process Context |
| crowdstrike/fltr-core | Search - By UserName |
| crowdstrike/fltr-core | Search - Threat Hunting |
| crowdstrike/fltr-core | zBeta - Identify Statistical Anomalies |
| crowdstrike/fltr-firewall-adversaries | Network Connections (IP) - IOC / Threat Actors |
| crowdstrike/fltr-identityprotection | Detections Dashboard |
| crowdstrike/fltr-identityprotection | Event Analysis Dashboard |
| crowdstrike/fltr-identityprotection | Identity-based Detections |
| crowdstrike/fltr-identityprotection | Threat Hunter |
| crowdstrike/fltr-tutorial | The Basics - 01 - Primer |
| crowdstrike/fltr-tutorial | The Basics - 02 - Event Tags |
| crowdstrike/fltr-tutorial | The Basics - 03 - Field Names Simplified |
| crowdstrike/fltr-tutorial | The Basics - 04 - Comments |
| crowdstrike/fltr-tutorial | The Basics - 05 - Timestamps |
| crowdstrike/fltr-tutorial | The Basics - 06 - Assignment |
| crowdstrike/fltr-tutorial | The Basics - 07 - Regular Expressions |
| crowdstrike/fltr-tutorial | The Basics - 08 - Case Statements |
| crowdstrike/fltr-tutorial | The Basics - 09 - Functions |
| crowdstrike/fltr-tutorial | The Basics - 10 - Formatting Query Output |
| crowdstrike/fltr-tutorial | The Basics - 11 - groupBy |
| crowdstrike/fltr-tutorial | The Basics - 12 - Parameters |
| crowdstrike/fltr-tutorial | The Basics - 13 - Visualizations |
| crowdstrike/fltr-tutorial | The Basics - 14 - Widget Formatting |
| crowdstrike/fltr-tutorial | The Basics - 15 - Match |
| crowdstrike/fltr-tutorial | The Basics - 16 - Field Extraction |
| crowdstrike/fltr-tutorial | The Basics - 17 - Query Building 101 |
| crowdstrike/fltr-tutorial | The Basics - 18 - Hyperlinks |
| crowdstrike/fltr-tutorial | The Basics - 19 - Helpful Query Examples |
| crowdstrike/intel-indicators | CrowdStrike Intel Indicators: Actors |
| crowdstrike/intel-indicators | CrowdStrike Intel Indicators: Malware Family |
| crowdstrike/intel-indicators | CrowdStrike Intel Indicators: Overview |
| crowdstrike/ioc | Domain overview |
| crowdstrike/ioc | IP overview |
| crowdstrike/ioc | Overview |
| crowdstrike/ioc | URL overview |
| crowdstrike/siem-connector | Detections |
| crowdstrike/siem-connector | Firewall Activity |
| crowdstrike/siem-connector | Summary Dashboard |
| crowdstrike/siem-connector | User Activity |
| crowdstrike/spotlight | CrowdStrike Falcon Spotlight: Overview |
| crowdstrike/spotlight | CrowdStrike Falcon Spotlight: Severity Details |
| cyberark/pam | CyberArk Core PAS |
| cyberark/vault | CyberArk Vault |
| docker/metrics | Docker Overview |
| extrahop/revealx | ExtraHop Detection Summary |
| extrahop/revealx | Reveal(X): Unmanaged Systems |
| github/events | GitHub #1 |
| github/events | GitHub #2 |
| github/events | GitHub #3 |
| google/chrome-enterprise-security-events | ChromeOS Data Controls |
| google/chrome-enterprise-security-events | ChromeOS Overview |
| google/chrome-enterprise-security-events | Event Information |
| google/chrome-enterprise-security-events | Extension Monitoring |
| google/chrome-enterprise-security-events | Security Overview |
| google/chronicle-alerts | chronicle-alerts |
| google/chronicle-ioc | chronicle-iocs |
| google/gcp-audit | Audit Log Summary |
| humio/activity | Alert Details |
| humio/activity | Alerts Overview |
| humio/activity | FDR Ingest Status |
| humio/activity | Filter Alert Details |
| humio/activity | Filter Alerts Overview |
| humio/activity | Legacy Alert Details |
| humio/activity | Legacy Alerts Overview |
| humio/activity | Scheduled Reports Overview |
| humio/activity | Scheduled Search Details |
| humio/activity | Scheduled Searches Overview |
| humio/insights | Bucket Storage |
| humio/insights | Data transferred for files |
| humio/insights | Errors |
| humio/insights | Hardware Scaling |
| humio/insights | Hosts |
| humio/insights | Ingest |
| humio/insights | Kafka |
| humio/insights | LogScale Asset Resolution Service (LARS) |
| humio/insights | Lookup tables |
| humio/insights | Overview |
| humio/insights | Parsers |
| humio/insights | Permissions |
| humio/insights | Replication |
| humio/insights | Request-Response |
| humio/insights | Search |
| humio/insights | Segments And Datasources |
| humio/vector-metrics | Metrics |
| imperva/cloud-waf | Account Overview |
| imperva/cloud-waf | Search |
| imperva/cloud-waf | WAF Overview |
| island/island | Island Browser Dashboard |
| linux/system-logs | Linux - Auditd |
| linux/system-logs | Linux - General |
| linux/system-logs | Linux - SSH |
| linux/system-logs | Linux - Sudo |
| microsoft/iis | Error log analysis (from HTTPERR log file) |
| microsoft/iis | HTTP errors |
| microsoft/iis | IOC matches for client IP |
| microsoft/iis | IOC matches for referer domain |
| microsoft/iis | Overview |
| microsoft/iis | Visitor insights |
| microsoft/microsoft365 | Email forwarding rules |
| microsoft/microsoft365 | Email investigation |
| microsoft/microsoft365 | Email IOC detections |
| microsoft/microsoft365 | Email overview |
| microsoft/microsoft365 | Email threat summary |
| mimecast/email-security | Attachment Protect |
| mimecast/email-security | Audit Log |
| mimecast/email-security | Data Leak Prevention |
| mimecast/email-security | Email Activity Summary |
| mimecast/email-security | Impersonation Protect |
| mimecast/email-security | Threat Intel Feed - Regional |
| mimecast/email-security | Threat Intel Feed - Targeted |
| mimecast/email-security | URL Protect |
| netskope/casb | Netskope Alert Event Overview |
| netskope/casb | Netskope CASB Overview |
| netskope/casb | Netskope Detection Overview |
| nginx/nginx | Error log analysis |
| nginx/nginx | HTTP errors |
| nginx/nginx | IOC matches for client IP |
| nginx/nginx | IOC matches for referer domain |
| nginx/nginx | Overview |
| nginx/nginx | Visitor insights |
| obsidiansecurity/actionnotification | Obsidian Security Overview |
| obsidiansecurity/actionnotification | Obsidian Security Posture Management |
| obsidiansecurity/actionnotification | Obsidian Security Threat Management |
| ordr/ordr | Connected Device Insights |
| pingidentity/pingone | Overview |
| pingidentity/pingone | Password activity |
| pingidentity/pingone | Policy and MFA |
| redhat/ansible | Process investigation |
| rubrik/security-cloud | Rubrik Security Cloud |
| ruby/logger | Monitoring |
| servicenow/servicenow | ServiceNow Incidents |
| talon/talon-cyber-security | Talon Alerting Activities |
| talon/talon-cyber-security | Talon Policy Activities |
| talon/talon-cyber-security | Talon User Activities |
| vectra/detections | Audit |
| vectra/detections | Unified Dashboard |
| veeam/veeamdataplatform | Veeam Data Platform Monitoring |
| veeam/veeamdataplatform | Veeam Security Activities |
| zscaler/internet-access | Web - Threat Activity |
| zscaler/internet-access | Web - User Investigation |
| zscaler/internet-access | Web - Web Activity |