When you initially log in to the Lacework Console (or click Dashboard), the global dashboard displays. In the top left corner Lacework lets you perform a global search of assets known to Lacework.
For more information, see Global Search.
Lacework supports the following browser versions and later:
- Google Chrome 63
- Apple Safari 11
- Microsoft Edge 15
- Mozilla Firefox 58
The global dashboard displays a visual summary of the following items for the selected time range:
- All cloud, network, user, and process events ingested by Lacework
This depends on the configured integrations, for example, CloudTrail data is not displayed unless CloudTrail is configured as an integration.
- Entity behaviors identified by Lacework
- Alerts and critical alerts generated by Lacework
You can filter on a specific time range using the menu located in the top right corner. You can filter from the latest day or up to the last 90 days (or 180 days if you subscribe to additional storage). Users in different time zones can select the time range in their local time, but the data is always in GMT. So, users in different time zones might see different data depending on local time.
Total alerts by severity display the total number of alerts broken out by severity. To display a severity's alerts on the Alerts page, click View in alerts.
Host alerts and Cloud alerts display the top four host and cloud alerts broken out by severity.
Cloud compliance by provider displays the percentage of non-compliant policies for AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI). This graph displays information only if the appropriate cloud service integration with Lacework is configured.
Incoming data displays data that represents cloud audit logs, network connections established, all process activity, files scanned, and cloud resources audited.
Entity behaviors displays data about the logical clusters of entities that are created based on their behaviors. Lacework extracts applications, users, machines, processes, containers, and account behaviors from how and where they interact within the cloud and outside.
The global search provides the ability to search across a number of assets in Lacework. To start a search, click Search and enter text in the search bar and Lacework immediately returns results when the search finds any assets that match the entered string, within the following time constraints:
- Alerts created in the last 90 days
- Networks accessed in the last 7 days
- All other assets created or accessed in the last 30 days