veeam/veeamdataplatform Dashboards

Veeam Data Platform Monitoring

The Veeam Data Platform Monitoring dashboard provides comprehensive backup operation analysis through job-focused visualizations. This dashboard enables tracking of diverse backup job types, monitoring of data transfer volumes, and assessment of backup success rates across the backup infrastructure.
Veeam Security Activities

The Veeam Security Activities dashboard presents detailed security event analysis through integrated security-focused visualizations. This dashboard enables monitoring of security incidents, tracking of authorization events, and assessment of suspicious activities across the backup environment.

Veeam Data Platform Monitoring

The Veeam Data Platform Monitoring dashboard provides comprehensive backup operation analysis through job-focused visualizations. This dashboard enables tracking of diverse backup job types, monitoring of data transfer volumes, and assessment of backup success rates across the backup infrastructure.

Widget	Description	Type
Transferred Data	The total amount of data transferred during backup jobs and file backup jobs. By default, data is displayed for the last 7 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["150","151"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \|sum(Vendor.TransferredGb, as=_totalTransferredGb)`	`Single Value`
All Jobs	The total amount of finished Veeam Backup & Replication jobs. By default, data is displayed for the last 24 hours. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["190","290","790","194","490","390","36022","36026"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobResultCode = * \| Vendor.JobTypeCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(JobResultMessage)`	`Single Value`
Ingested Data Over Time	Time chart showing the amount of ingested data over selected time range. Hide Query Show Query logscale `case { #Vendor="veeam" #repo!=xdr_* \| data_source := "Data Source" ; } \| timeChart(data_source, function=count(), limit=50)`	`Time Chart`
Data Source Detector	Discover available data sources and their corresponding backup job categories. Results reflect data availability for the selected time range. Hide Query Show Query logscale `#Vendor="veeam" \| #repo!=xdr_* \| stats([ count(as="_eventCount"), max(@timestamp, as=_latest_event) ]) \| "Data Source" := "Veeam Data Platform" \| case { _eventCount>0 \| Status := "✅"; * \| Status := "❌" ; } \| table(["Data Source", Status])`	`Table`
Latest Configuration Backups	Latest configuration backup jobs run on each Veeam Backup & Replication server. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="40700" \| in(field=host.name, values=[?hostname]) \| rename(field=Vendor.State, as=State) \| rename(field=host.name, as="Data Source") \| rename(field=Vendor.FullUserName, as=User) \|table([@timestamp, "Data Source", User, State])`	`Table`
Latest Finished Jobs	Latest jobs finished on each Veeam Backup & Replication server. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["190","40290","790","194","490","390","36022","36026"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| match(file="veeam/veeamdataplatform/veeam_job_types_lookup.csv", column=JobType, field=Vendor.JobTypeCode, strict=false) \| default(field=JobTypeDescription, value="Unknown Type") \| rename(field=JobResultMessage, as=State) \| rename(field=host.name, as="Data Source") \| rename(field=message, as="Message Details") \| rename(field=JobTypeDescription, as="Job Type") \| table([@timestamp, "Data Source", "Message Details", "Job Type", State])	`Table`
VM Copy Jobs	Statistics on finished VM copy jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="592" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Tape Verification Jobs	Statistics on finished tape verification jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="198" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
File Backup Jobs	Statistics on finished file backup jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="190" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = "13000" \| Vendor.SourceType = "3" \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
VM Quick Migration Jobs	Statistics on finished quick migration jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="610" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Backup Copy Jobs	Statistics on finished file backup copy and object storage backup copy jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="490" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = "13003" \| Vendor.SourceType = "5" \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Log Backup Jobs for Entra ID	Statistics on finished audit log backup jobs for Entra ID. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="190" \| Vendor.JobTypeCode = "13000" \| Vendor.SourceType = "8" \| in(field=host.name, values=[?hostname]) \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Backup Jobs for Enterprise Plug-ins	Statistics on finished backup jobs for enterprise plug-ins. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="36022" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
SureBackup Jobs	Statistics on finished SureBackup jobs. By default, data is displayed for the last 7 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="390" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| timeChart(series=JobResultMessage, span="1 day")`	`Time Chart`
Backup and Backup Copy Jobs	Statistics on finished backup and backup copy jobs. By default, data is displayed for the last 7 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["190","790","194","490","36022","36026"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| timeChart(series=JobResultMessage, span="1 day")`	`Time Chart`
Unsuccessful VM Backups	Statistics on VM backup jobs with the 'Failed' or 'Warning' state. By default, data is displayed for the last 30 days. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["150", "450"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| in(field=Vendor.JobResultCode, values=["2","3"]) \| match(file="veeam/veeamdataplatform/veeam_session_states_lookup.csv", column=ResultCode, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy([Vendor.VmName, JobResultMessage]) \| sort(field=[JobResultMessage, _count], limit=15, order=[asc, desc])	`Bar Chart`
Tape Copy Jobs	Statistics on finished tape copy jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="200" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Backup Jobs for Entra ID	Statistics on finished backup jobs for Entra ID. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="190" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = "78" \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Object Storage Backup Jobs	Statistics on finished object storage backup jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="190" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = "13000" \| Vendor.SourceType = "7" \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
VM File Copy Jobs	Statistics on finished file copy jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="590" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Finished Jobs by Type	Latest finished jobs by type. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["190","790","194","490","390","36022","36026"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_job_types_lookup.csv", column=JobType, field=Vendor.JobTypeCode, strict=false) \| default(field=JobTypeDescription, value="Unknown Type") \| timeChart(series=JobTypeDescription, span="1 day")`	`Time Chart`
Log Backup Jobs for Enterprise Plug-ins	Statistics on finished log backup jobs for enterprise plug-ins. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="36026" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Veeam Agent Jobs	Statistics on finished Veeam Agent jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="790" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Tape Jobs	Statistics on finished tape jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="194" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Finished Restore Sessions by Type	Latest finished restore sessions by type. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["40290", "40800"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| match(file="veeam/veeamdataplatform/veeam_job_types_lookup.csv", column=JobType, field=Vendor.JobTypeCode, strict=false) \| default(field=JobTypeDescription, value="Unknown Type") \| timeChart(series=JobTypeDescription, span="1 day")`	`Time Chart`
Backup Copy Jobs	Statistics on finished backup copy jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="490" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
Unsuccessful Unstructured Data Backups	Statistics on file backup and object storage backup jobs with the 'Failed' or 'Warning' state. By default, data is displayed for the last 30 days. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["151", "451"]) \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = * \| in(field=Vendor.JobResultCode, values=["2","3"]) \| match(file="veeam/veeamdataplatform/veeam_session_states_lookup.csv", column=ResultCode, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy([Vendor.SourceName, JobResultMessage]) \| sort(field=[JobResultMessage, _count], limit=15, order=[asc, desc])	`Bar Chart`
Replication Jobs	Statistics on finished replication jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="190" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = "1" \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
VM Backup Jobs	Statistics on finished backup jobs. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="190" \| in(field=host.name, values=[?hostname]) \| Vendor.JobTypeCode = "0" \| Vendor.JobResultCode = * \| match(file="veeam/veeamdataplatform/veeam_action_results_lookup.csv", column=JobResult, field=Vendor.JobResultCode, strict=false) \| default(field=JobResultMessage, value="Unknown State") \| groupBy(field=JobResultMessage)`	`Pie Chart`
note-1762962764645-0	# Dashboard Overview The Veeam Data Platform Monitoring dashboard displays aggregated information about jobs run on your Veeam Backup & Replication servers. # Dashboard Widgets ## Overview Section ### All Jobs The total number of jobs finished with a specific status. By default, the widget displays data for the last 24 hours. ### Transferred Data The total amount of data transferred during backup jobs and file backup jobs. By default, the widget displays data for the last 24 hours. ## Weekly Reports Section ### Backup and Backup Copy Jobs A colored graph displaying daily statistics on finished backup and backup copy jobs. By default, the widget displays data for the last 7 days. ### SureBackup Jobs A colored graph displaying daily statistics on finished SureBackup jobs. By default, the widget displays data for the last 7 days. ## Virtual Machines & Agents Section A set of pie charts displaying the breakdown of finished jobs by state: - VM Backup Jobs - VM File Copy Jobs - VM Copy Jobs - VM Quick Migration Jobs - Veeam Agent Jobs By default, widgets display data for the last 30 days. ## Backup Copy & Replicas Section A set of pie charts displaying the breakdown of finished jobs by state: - Replication Jobs - Backup Copy Jobs By default, the widget displays data for the last 30 days. ## Failed Backups Section ### Unsuccessful VM Backups A colored stacked bar chart displaying statistics on VM backup jobs finished with the Failed and Warning states on each Veeam Backup & Replication server. By default, the widget displays data for the last 30 days. ### Unsuccessful Unstructured Data Backups A colored stacked bar chart displaying statistics on file backup and object storage backup jobs finished with the Failed and Warning states on each Veeam Backup & Replication server. By default, the widget displays data for the last 30 days. ## Tapes Section A set of pie charts displaying the breakdown of finished jobs by state: - Tape Jobs - Tape Copy Jobs - Tape Verification Jobs By default, widgets display data for the last 30 days. ## Applications and Services Section A set of pie charts displaying the breakdown of finished jobs by state: - Backup Jobs for Enterprise Plug-ins — displays only events related to application backup policy jobs. For more information, see the Backup Job for Application Backup Policy Finished event in the Event Reference. - Log Backup Jobs for Enterprise Plug-ins — displays only events related to application backup policy jobs. For more information, see the Log Backup Job for Application Backup Policy Finished event in the Event Reference. - Backup Jobs for Entra ID - Log Backup Jobs for Entra ID By default, widgets display data for the last 30 days. ## Finished Jobs Section ### Latest Configuration Backups A table displaying information about the latest configuration backup job run on each Veeam Backup & Replication server. By default, the widget displays data for the last 30 days. ### Latest Finished Jobs A table displaying detailed information about the latest finished jobs on each Veeam Backup & Replication server. By default, the widget displays data for the last 30 days. ### Finished Jobs by Type A colored stacked bar chart displaying daily statistics on finished jobs by type. By default, the widget displays data for the last 30 days. ### Finished Restore Sessions by Type A colored stacked bar chart displaying daily statistics on finished restore sessions by type. By default, the widget displays data for the last 30 days. ## Unstructured Data Section A set of pie charts displaying the breakdown of finished jobs by state: - File Backup Jobs - Object Storage Backup Jobs - Backup Copy Jobs By default, widgets display data for the last 30 days.	`Note`
note-1763565730687-0	logscale `Veeam Data Platform Monitoring Dashboard Version: 1.0.0 Author: Veeam Software`	`Note`

Veeam Security Activities

The Veeam Security Activities dashboard presents detailed security event analysis through integrated security-focused visualizations. This dashboard enables monitoring of security incidents, tracking of authorization events, and assessment of suspicious activities across the backup environment.

Widget	Description	Type
Veeam Backup & Replication Security Events by Severity	Latest Veeam Backup & Replication security events by severity level. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["41600","42220","25500","26100","28100","28970","29800","30100","30400","31500","31600","31700","31800","31900","40204","40400","40500","40600","42260","42270","42302","23090","23420","24080","28200","28500","28920","28950","28980","29120","29150","29900","30200","30500","32120","32200","41402","115","31210","31400","40201","40205","40206","41610","42230","42301","42401","42402","42404","42405","21224","26110","31200","36013","42210","42500","27000","24060","24030","24050","24070","24040","42290","23630","23631","23632","23633","24020","24114","24131","24140","24142","24143","24160","24170","25000","25210","25220","25400","25700","25800","26000","26600","26700","26800","26900","27200","27300","27500","27600","27900","28400","28800","28850","28940","29110","29140","30700","30800","31000","32100","32400","32800","40202","41200","41401","42280"]) \| in(field=host.name, values=[?hostname]) \| groupBy(Vendor.Severity)	`Pie Chart`
Ingested Data Over Time	Time chart showing the amount of ingested data over selected time range. Hide Query Show Query logscale `case { #Vendor="veeam" #repo!=xdr_* \| data_source := "Data Source" ; } \| timeChart(data_source, function=count(), limit=50)`	`Time Chart`
Four-Eyes Authorization Events by Operation	Latest Veeam Backup & Replication four-eyes authorization events by operation. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="42402" \| in(field=host.name, values=[?hostname]) \| Vendor.OperationId = * \| match(file="veeam/veeamdataplatform/veeam_operation_names_lookup.csv", column="Operation Id", field=Vendor.OperationId, strict=false) \| default(field=OperationName, value="Unknown Operation") \| timeChart(series=OperationName, span="1 day")`	`Time Chart`
Veeam Backup & Replication Security Events by Name	Statistics on Veeam Backup & Replication security events by name. By default, data is displayed for the last 30 days. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["41600","42220","25500","26100","28100","28970","29800","30100","30400","31500","31600","31700","31800","31900","40204","40400","40500","40600","42260","42270","42302","23090","23420","24080","28200","28500","28920","28950","28980","29120","29150","29900","30200","30500","32120","32200","41402","115","31210","31400","40201","40205","40206","41610","42230","42301","42401","42402","42404","42405","21224","26110","31200","36013","42210","42500","27000","24060","24030","24050","24070","24040","42290","23630","23631","23632","23633","24020","24114","24131","24140","24142","24143","24160","24170","25000","25210","25220","25400","25700","25800","26000","26600","26700","26800","26900","27200","27300","27500","27600","27900","28400","28800","28850","28940","29110","29140","30700","30800","31000","32100","32400","32800","40202","41200","41401","42280"]) \| in(field=host.name, values=[?hostname]) \| match(file="veeam/veeamdataplatform/veeam_vbr_events_lookup.csv", column="Event Id", field=event.id) \| groupBy(field="Event Name")	`Pie Chart`
Daily Veeam Backup & Replication Security Events by Severity	Daily statistics on Veeam Backup & Replication security events over time. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["41600","42220","25500","26100","28100","28970","29800","30100","30400","31500","31600","31700","31800","31900","40204","40400","40500","40600","42260","42270","42302","23090","23420","24080","28200","28500","28920","28950","28980","29120","29150","29900","30200","30500","32120","32200","41402","115","31210","31400","40201","40205","40206","41610","42230","42301","42401","42402","42404","42405","21224","26110","31200","36013","42210","42500","27000","24060","24030","24050","24070","24040","42290","23630","23631","23632","23633","24020","24114","24131","24140","24142","24143","24160","24170","25000","25210","25220","25400","25700","25800","26000","26600","26700","26800","26900","27200","27300","27500","27600","27900","28400","28800","28850","28940","29110","29140","30700","30800","31000","32100","32400","32800","40202","41200","41401","42280"]) \| in(field=host.name, values=[?hostname]) \| match(file="veeam/veeamdataplatform/veeam_vbr_events_lookup.csv", column="Event Id", field=event.id) \| timeChart(series=Severity, span="1 day")	`Time Chart`
Latest Veeam ONE Alarms	Latest Veeam ONE alarms over time. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="veeamone" \| #repo!=xdr_* \| in(field=event.id, values=["395", "364", "369", "391", "365", "370", "314", "331", "376", "377", "403", "316", "342", "381", "315", "332", "344", "378"]) \| in(field=host.name, values=[?vonehostname]) \| rename(field="host.name", as="Data Source") \| rename(field=Vendor.Severity, as=Severity) \| rename(field=message, as="Message Details") \| rename(field=Vendor.alarm_name, as="Alarm Name") \| rename(field=Vendor.alarm_type, as="Alarm Type") \| rename(field=Vendor.status_old, as="Previous Status") \| rename(field=Vendor.status_new, as="Current Status") \| rename(field=Vendor.object_name, as="Object Name") \| rename(field=Vendor.object_path, as="Object Path") \| table([@timestamp, "Data Source", "Alarm Name", Severity, "Alarm Type", "Message Details", "Previous Status", "Current Status", "Object Name", "Object Path"])	`Table`
All Security Activities	The total amount of security activities on Veeam Backup & Replication and Veeam ONE servers. By default, data is displayed for the last 7 days. Hide Query Show Query logscale #Vendor="veeam" \| #repo!=xdr_* \| in(field=event.id, values=["41600","42220","25500","26100","28100","28970","29800","30100","30400","31500","31600","31700","31800","31900","40204","40400","40500","40600","42260","42270","42302","23090","23420","24080","28200","28500","28920","28950","28980","29120","29150","29900","30200","30500","32120","32200","41402","115","31210","31400","40201","40205","40206","41610","42230","42301","42401","42402","42404","42405","21224","26110","31200","36013","42210","42500","27000","24060","24030","24050","24070","24040","42290","23630","23631","23632","23633","24020","24114","24131","24140","24142","24143","24160","24170","25000","25210","25220","25400","25700","25800","26000","26600","26700","26800","26900","27200","27300","27500","27600","27900","28400","28800","28850","28940","29110","29140","30700","30800","31000","32100","32400","32800","40202","41200","41401","42280","395", "364", "369", "391", "365", "370", "314", "331", "376", "377", "403", "316", "342", "381", "315", "332", "344","378"]) \| in(field=host.name, values=[?hostname, ?vonehostname]) \| count()	`Single Value`
Latest Veeam Backup & Replication Security Events	Latest Veeam Backup & Replication security events over time. Hide Query Show Query logscale #Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| in(field=event.id, values=["41600","42220","25500","26100","28100","28970","29800","30100","30400","31500","31600","31700","31800","31900","40204","40400","40500","40600","42260","42270","42302","23090","23420","24080","28200","28500","28920","28950","28980","29120","29150","29900","30200","30500","32120","32200","41402","115","31210","31400","40201","40205","40206","41610","42230","42301","42401","42402","42404","42405","21224","26110","31200","36013","42210","42500","27000","24060","24030","24050","24070","24040","42290","23630","23631","23632","23633","24020","24114","24131","24140","24142","24143","24160","24170","25000","25210","25220","25400","25700","25800","26000","26600","26700","26800","26900","27200","27300","27500","27600","27900","28400","28800","28850","28940","29110","29140","30700","30800","31000","32100","32400","32800","40202","41200","41401","42280"]) \| in(field=host.name, values=[?hostname]) \| match(file="veeam/veeamdataplatform/veeam_vbr_events_lookup.csv", column="Event Id", field=event.id) \| rename(field=message, as="Message Details") \| rename(field=host.name, as="Data Source") \| rename(field=Vendor.FullUserName, as=User) \| table([@timestamp, "Data Source", User, "Message Details", Severity])	`Table`
Daily Veeam ONE Alarms by Severity	Daily statistics on Veeam ONE alarms over time. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="veeamone" \| #repo!=xdr_* \| in(field=event.id, values=["395", "364", "369", "391", "365", "370", "314", "331", "376", "377", "403", "316", "342", "381", "315", "332", "344", "378"]) \| in(field=host.name, values=[?vonehostname]) \| timeChart(series=Vendor.Severity, span="1 day")`	`Time Chart`
Marked as Infected	Statistics on Veeam Backup & Replication objects marked as Infected. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="42220" \| in(field=host.name, values=[?hostname]) \| count()`	`Single Value`
Veeam ONE Alarms by Name	Statistics on Veeam ONE alarms by name. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="veeamone" \| #repo!=xdr_* \| in(field=event.id, values=["395", "364", "369", "391", "365", "370", "314", "331", "376", "377", "403", "316", "342", "381", "315", "332", "344", "378"]) \| in(field=host.name, values=[?vonehostname]) \| groupBy(field=Vendor.alarm_name)`	`Pie Chart`
Veeam ONE Alarms by Severity	Latest Veeam ONE alarms by severity level. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="veeamone" \| #repo!=xdr_* \| in(field=event.id, values=["395", "364", "369", "391", "365", "370", "314", "331", "376", "377", "403", "316", "342", "381", "315", "332", "344", "378"]) \| in(field=host.name, values=[?vonehostname]) \| groupBy(field=Vendor.Severity)`	`Pie Chart`
Marked as Suspicious	Statistics on Veeam Backup & Replication objects marked as Suspicious. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="41600" \| in(field=host.name, values=[?hostname]) \| count()`	`Single Value`
Four-Eyes Authorization Events	Statistics on Veeam Backup & Replication four-eyes authorization events. By default, data is displayed for the last 30 days. Hide Query Show Query logscale `#Vendor="veeam" \| #event.module="vbr" \| #repo!=xdr_* \| event.id="42402" \| in(field=host.name, values=[?hostname]) \| count()`	`Single Value`
Data Source Detector	Discover available data sources and their corresponding security event categories. Results reflect data availability for the selected time range. Hide Query Show Query logscale `#Vendor="veeam" \| #repo!=xdr_* \| stats([ count(as="_eventCount"), max(@timestamp, as=_latest_event) ]) \| "Data Source" := "Veeam Data Platform" \| case { _eventCount>0 \| Status := "✅"; * \| Status := "❌"; } \| table(["Data Source", Status])`	`Table`
note-1763021247804-0	# Dashboard Overview The Veeam Security Activities dashboard displays aggregated information about security activities on your Veeam Backup & Replication and Veeam ONE servers. By default, data is shown from all data source hosts. To filter data, you can select a specific time period or a data source host. # Dashboard Widgets ## Overview Section ### Veeam Backup & Replication Security Events A pie chart displaying the breakdown of Veeam Backup & Replication security events by severity level. By default, the widget displays data for the last 24 hours. ### All Security Activities The total number of security activities including Veeam Backup & Replication security events and Veeam ONE alarms. By default, the widget displays data for the last 7 days. ### Veeam ONE Alarms A colored graph displaying the breakdown of Veeam ONE alarms by severity level. By default, the widget displays data for the last 24 hours. ### Veeam Backup & Replication Security Events by Name A pie chart displaying the breakdown of Veeam Backup & Replication security events by name. By default, the widget displays data for the last 30 days. ### Veeam ONE Alarms by Name A pie chart displaying the breakdown of Veeam ONE alarms by name. By default, the widget displays data for the last 30 days. ### Marked as Infected The total number of objects marked as Infected. For more information, see Malware Detection in the Veeam Backup & Replication User Guide. By default, the widget displays data for the last 24 hours. ### Four-Eyes Authorization Events The total number of four-eyes authorization events. For more information, see Four-Eyes Authorization in the Veeam Backup & Replication User Guide. By default, the widget displays data for the last 24 hours. ### Marked as Suspicious The total number of objects marked as Suspicious. For more information, see Malware Detection in the Veeam Backup & Replication User Guide. By default, the widget displays data for the last 24 hours. ## Daily Security Activities Section ### Daily Veeam Backup & Replication Security Events A colored graph displaying daily statistics on Veeam Backup & Replication security events by severity level. By default, the widget displays data for the last 30 days. ### Daily Veeam ONE Alarms A colored graph displaying daily statistics on Veeam ONE alarms by severity level. By default, the widget displays data for the last 30 days. ## Latest Security Activities Section ### Latest Veeam Backup & Replication Security Events A table displaying information about the latest security events triggered on each Veeam Backup & Replication server. By default, the widget displays data for the last 30 days. ### Latest Veeam ONE Alarms A table displaying information about the latest alarms triggered on each Veeam ONE server. By default, the widget displays data for the last 30 days. ## Four-Eyes Authorization Events Section ### Four-Eyes Authorization Events by Operation A colored stacked bar chart displaying daily statistics on four-eyes authorization events by operation. By default, the widget displays data for the last 7 days.	`Note`
note-1763565785642-0	logscale `Veeam Security Activities Dashboard Version: 1.0.0 Author: Veeam Software`	`Note`

Versions of this Page

Package Marketplace

Package Reference

Dashboard Reference

Package Management

Other Integrations

Log Formats

veeam/veeamdataplatform Dashboards

Veeam Data Platform Monitoring

Veeam Security Activities

Enter search term