Contents
1. Using the Home Tab
The Home Tab provides a convenient way of viewing Live Statistics, My Alerts, Global Alerts and Services. From this centralized view, you can drill down to investigate further by simply clicking in the appropriate area.
1.1. Home Tab Location
The Home Tab is located in the Investigations scroll bar on the top right panel of Finder to the right of the Search field.
Selecting the Home Tab View
The Home Tab is always the left most tab on this scroll bar, but may 'disappear' if you launch more investigation tabs than can be accommodated in the scroll bar. If this happens, arrow icons appear at each end of the scroll bar. Scroll the Home Tab back into view by clicking and holding down the mouse button on the left arrow icon until the Home Tab scrolls back into view.
Default Home Tab View for Admin account (top section), showing scroll arrows to the left and right of the fully occupied Investigations scroll bar
The Home Tab view for an admin account only shows Global Alerts, since all admin alerts are by default global. A normal account shows My Alerts as well as the Global Alerts as is shown below.
Default Home Tab View for a non admin account (top section)
Note that in this screen shot, there are no My Alerts available so Finder conveniently enables you to create one by clicking on Create new alert.
1.2. Alerts, Statistics and Source Information
1.2.1. The Right Pane
Alert counts (bar graph display)
Statistics and Engine information
Information on Hardware, Operating System, Local Drives, Security, Startup and Categories
1.2.1.1. Exploring Alerts
Alert Counts (default view when Home Tab is selected)
The Global Alerts and My Alerts views (left pane of Home Tab) show a representation of source alerts which occurred in the past 24 hours. The Alert Counts views (right pane - see above snapshot) provide you with the list of sources which were involved in these alerts, ordered by the number of alerts. Hovering over an alert in the left pane view highlights the source(s) responsible for the alert. Alternatively, hovering over a source name on the right hand side pops up a window with more information on what caused the alert and highlights the alerts in the Global Alerts and My Alerts views that were caused by that source. A double click on an alert enables you to drill down and investigate the cause of the alert.
Clicking on the number prior to the time display in Global Alerts, My Alerts and Services lists details of the sources involved.
1.2.1.2. Exploring Statistics
Statistics and Engine information
Clicking on any of the totals in the Last 24h and Total columns of the Statistics section generates an investigation report that lists the associated elements.
1.2.1.3. Exploring Hardware, Operating System, Local Drives, Security, Startup and Categories
Hardware, Operating System, Local Drives, Security, Startup and Categories information
Clicking on any of the items under each of the above categories generates a comparative bar chart summary. The snapshot below shows the result of selecting 'OS version and architecture' under the Operating System category. You can drill down further by double clicking on a summary item (e.g. 'Windows XP'): this generates a detailed report of all sources belonging to that category. Alternatively, if you wanted to explore another category, you need to click on the drop down arrow to the right of the OS field (shown below) and select your next category.
Source Information - Operating System Categories; selecting another reporting category
1.2.2. Investigating Alerts
Alerts scroll by in the bottom of the Home Tab.
Base of Home Tab View, showing Latest Alerts. User is about to launch an Investigation on Active Desktop Alert.
You can quickly launch an investigation on an alert when it appears by clicking on the Alert name. The Alert name is underlined as the mouse cursor hovers over it and the investigation appears in the Finder frame above when the Alert name is clicked. Click on the Home Tab to return to the Home view.
1.2.3. Viewing Live Statistics
Live Stats scroll by immediately below the Home Tab icon
Example of Live Stats shown under Home Tab icon
1.3. Viewing Services
The Home Tab Services view enables you to visualize service activity on a global scale (e.g. on the whole network). At a glance you can see when sources are using the service (presence of activity band), how many sources are using it (activity band colour intensity) and whether they are experiencing any problems (colour bar in the activity band). Service health colours are blue (full service availability), yellow (some sources with low service availability), red (more than half sources with low service availability).
Clicking on the Service label provides a network view of traffic generated by that service.
Hovering over a 30 minute period pops up a tooltip providing more detail as is shown in the screenshot below. Tooltip content varies depending on the availability status of the service as well as the options presented for drill-down.
Services View showing additional information provided by Tooltip
In the above example, we can see that in the last 24 hours, 15 sources were using the mail client service (the count shown at the start of the activity band for Mail Clients services). Hovering the mouse cursor over a period with a yellow bar shows that between 09:00 and 09:30, 1 of 7 mail clients was having minor network availability issues. By right clicking over this 30 minute period for the service of interest, we can drill-down to determine the cause.
Below we have right clicked to investigate the Instant Messaging problems flagged by the red bar in the centre of the Instant Messaging activity band. We can either look at network activity or the sources involved.
Services View showing how drill-down provides a selection of Network Activity investigation options
Services View showing drill-down to sources in order to identify which source is experiencing difficulties