4.4.1.6. Monitoring

With all the information related to the Endpoint Compliance network module that the system collects, it generates dashboards so that this information can be read and interpreted quickly and easily by the user. As a large volume of data of different types and sources is generated, different dashboards have been defined that group this information through graphs and tables.

All Dashboards have filters that allow us to define what parameters to show and what time period of the data will be used to generate said dashboards. Keep in mind that, if in the indicated period of time there has been no update on a specific device, through an event, this device will not appear.

4.4.1.6.1. UDC Overview

The UDC Overview dashboard displays all the user devices connected to the network, along with their compliance status and Agent features. We can see the following view on this dashboard:

../../../_images/udc_overview2.png


  • Agents installed on Desktops: Represents the percentage of devices awith and without the Agent installed and reporting.

  • EPC_SecurityCompliance: Represents the percentage of user devices with security compliance and not security compliance.

  • Total Devices with OpenNAC Agent: Displays the total number of devices with the Agent installed in the network.

  • EPC Security Center Compliance: Displays the percentage of devices that have the EPC_SECURITY_COMPLIANCE tag assigned and the percentage that do not have it.

  • Hostname List: A table listing hostnames and their compliance status for Security Center, Software and System Update.

../../../_images/udc_overview3.png


  • EPC Software Compliance: Displays the percentage of devices that have the EPC_SOFTWARE_COMPLIANCE tag assigned and the percentage that do not have it.

  • EPC System Update Compliance: Displays the percentage of devices that have the EPC_UPDATE_COMPLIANCE tag assigned and the percentage that do not have it.

Note

This view relies on the following UD Tag Policies to display all values in the dashboards:

  • EPC_SECURITY_CENTER_COMPLIANCE

  • EPC_SECURITY_COMPLIANCE

  • EPC_SOFTWARE_COMPLIANCE

  • EPC_UPDATE_COMPLIANCE

Refer to the UD Tag policies section for more information about the predefined tag policies.

4.4.1.6.2. UDC Metrics

The UDC Metrics dashboard displays various metrics and statistics related to User Device Compliance (UDC):

../../../_images/udc_overview1.png


This header composed of four dashboards allows filtering by Network Device Location, Device Network Name, Device Network CDIRs, Endpoint Types. It will always look for the temporary index that is regenerated every day. In this toolbar, filter your data using Lucene syntax.

../../../_images/udc_metrics2.png


  • Total UD Compliance: Display the total count of compliant User Devices.

  • UD Compliance average time poleval: Displays the average time of poleval.

  • UD Compliance events: Displays the User Devices compliance events.

../../../_images/udc_metrics3.png


  • UD Compliance table: Shows a table with the compliant user devices. This table displays data for instance as the MAC adddres, the IP, and Agent compliance.

4.4.1.6.3. UDC Agent Metrics

The UDC Agent Metrics dashboard displays various metrics and statistics related to Agent events:

../../../_images/udc_agent_metrics1.png


This header composed of four dashboards allows filtering by Network Device Location, Device Network Name, Device Network CDIRs, Endpoint Types. It will always look for the temporary index that is regenerated every day. In this toolbar, filter your data using KQL syntax.

../../../_images/udc_agent_metrics2.png


  • Agent events by server: Metric that represents the agent events by server.

  • Poleval average times: Metric that represents the average time taken for poleval (policy evaluation) in a specific timestamp.

../../../_images/udc_agent_metrics3.png


  • Unique agent events: Table that features the UID (Device Unique Identifier) tags, hostname and count of unique agent events.

4.4.1.6.4. EPT Changes

The EPT Changes dashboard displays information and records related to changes in Endpoint types:

../../../_images/profiling_metrics_header.png


This header composed of four dashboards allows filtering by Network Device Location, Device Network Name, Device Network CDIRs, Endpoint Types. It will always look for the temporary index that is regenerated every day. In this toolbar, filter your data using KQL syntax.

../../../_images/ept_changes2.png


  • EndPoint Type changes over time: Displays a graphic with the changes over time and the tags associated to the EPT.

../../../_images/ept_changes3.png


  • EndPoint Type changes: Table that displays APT changes details, including the previous EPT tags (UTC) and the count of those events.

  • oppenac events: Displays events related to the EPT change.

You can also navigate to Administration Portal > Analytics > UDC to find information about the dashboards available for this use case.