Attachments

doc/4.0.0/Working With Portal/Using Widgets/Issues

1. Issues Widget

Contents

  1. Issues Widget
    1. Purpose
    2. Creating widget
      1. Step 1
      2. Step 2
      3. Add issue - Step 1
      4. Add issue - Step 2
      5. Add issue - Step 3
      6. Edit issue
    3. Using widget
      1. Ratio
      2. Overall
      3. Details
      4. History

1.1. Purpose

The purpose of this widget is to track objects having an issue modelled with an investigation. The objects returned by the investigation have to be the ones experiencing the issue (e.g., "sources with no antivirus"). Consequently, if the investigation returns no result, it means that there is no issue. In one single widget, one is able to define several issues. The issues are computed over a sliding period of time, independently of what is available in the Engine. For exemple, one can define issues with a period of month; it means that every day, the values correspond to the last month (30 days). Issues can also be grouped by any category (e.g., per location).

1.2. Creating widget

1.2.1. Step 1

  • wizard_main_step1.png

  1. select the time period (day, week, month, quarter or year)
  2. optionally select a criterion for grouping results:
    • "group by" - it can be any category on any object type, results are classified by keywords
    • "hierarchy" - using a hierarchy permits to structure the result as defined in the hierarchy but also to apply access rights set to users (available only if at least one hierarchy has been defined

1.2.2. Step 2

  1. define the issues you'd like to track, see Add issue - Step 1 for details

  2. the table summarize all issues to track and they could be edited and ordered. The order in the table defines the order the issues will be displayed
  3. select the number of days to display in trend chart
  4. enable or not the display of overall. This option is available only if all issues are based on the same object. Overall will be displayed as other issues but it is computed as the union of all defined issues. In addition a chart is displayed.
  5. if overall is enable some options are available like for other issues
    • apply or not a ratio on the overall issue
    • enter the threshold as absolute value or as a percentage (only if ratio selected)
  6. enter the email address of recipients if an alert is detected


    wizard_main_step2.png

1.2.3. Add issue - Step 1

  1. paste one investigation per issue or paste one folder (one issue per investigation contained in the folder will be created automatically and the same configuration will be applied on each)
  2. choose the computation mode. Two modes are available:
    • current status: only the current status of each object is taken into account. For instance, if one defines the issue "sources without antivirus", one usually wants to take into account if it has an antivirus right now.

    • all statuses: all statuses of each object during the time period is taken into account. For instance, if one defines the issue "sources with incident XYZ", one usually wants to take into account sources that have had the incident at least once during the whole period. If on day D a source has the incident XYZ and on day D+1 it has not the incident anymore, it would still appear as a source with the issue.


    wizard_addissue_step1.png

1.2.4. Add issue - Step 2

  1. apply or not a ratio. The list contains Inventory widget based on the same object and having the same group by and time window configured
  2. enter the threshold as absolute value or as a percentage (only if a ratio has been applied). When the computed value overrides the threshold then it is considered as a problem
  3. enable or not the alert for this issue. If alert is enabled and the value overrides the threshold then an email is sent to every email addresses defined in step 2.


    wizard_addissue_step2.png

1.2.5. Add issue - Step 3

  1. optionally, add some fields to display in details. The list contains attributes, aggregates and categories of the object in the investigation

1.2.6. Edit issue

It is possible to edit an issue once added, but only the configuration, not the investigation.

The first step contains the main configuration like threshold and the second step permits to add additional fields like in step 3 during add.


  • wizard_editissue_step1.png

1.3. Using widget

  • Each issue is displayed in a list in configured order. For each issue, the number of objects experiencing the issue is displayed and a sparkline shows the trend over the past days. A green/red bullet is also displayed to show at a glance if there are any issue. This status is computed using the threshold, whatever is the display type (no percentage or ratio) the configured threshold is used. It means that if threshold is 10%, even if the values are displayed in absolute, the status is computed using 10%.
  • If a "group by" category has been defined, each issue can be expanded to see the values per group (e.g., per location). One can also select one particular group (at the bottom of the widget) and then only the values for that group is displayed for all issues.


    view_groupby.png

  • When a hierarchy is used to group results then a navigation bar appears to indicate the position in the hierarchy.
    • To drill down, click on the node


    view_hierarchies_drilldown.png

    • To drill up, use the navigation bar and click on a level. The last level could not be clicked since this is the current one.


    view_hierarchies_drillup.png

/!\ Note that when a widget is defined to use hierarchies, the content could be different depending on access rights of the user and on domain set to the module. In the previous example the hierarchy is displayed from its root but it could start from a lower node or the drill down limited to a level before than leaves are reached. It could also happen that the user couldn't see anything.

1.3.1. Ratio

One can choose two different modes to display values:

  • none: display absolute values
  • ratio: display the values in percentage of the referenced widget


    view_ratio.png

When ratio is selected, if an issue has no reference configured then the absolute value is displayed

1.3.2. Overall

When overall is enabled, a new row is added on the top. This row is a 'sum' of others, but since the same object could correspond to multiple issues then the value displayed is not the arithmetical sum but the union of them.

In addition its value is highlighted on top with a trend chart and the difference with the last day. Note that the value and the difference are links to details and history dialogs.

The chart is interactive and values for each date are displayed when mouse is over the chart


  • view_overall_day.png

The chart could be displayed in days as above but if a larger time window has been configured then it could be use as time scale. In this case, week is used. It means that there is a point for each week (the Sunday). If the period is not completed then the current period is displayed with dotted line. Event if the value is valid, for the chart there is not the same number of day, this is the reason for which the chart uses this special line.


  • view_overall_week.png

1.3.3. Details

The list of returned object can be displayed by clicking on the number. The additional fields configured are displayed here. This list could be exported in csv format.


  • view_details.png

1.3.4. History

The history dialog permits to see the value in the past. After the first computation, n/a will be displayed since it needs at least two consecutive computations to have an evolution.

They are different modes in the history dialog:

  • last change: display objects which have been added or removed
  • specific dates: display the history between two dates
  • last days: display the history from today for the last x days

  • last <time window unit>: depends on the time window configured. Display the history from today for the last x <time window unit>

  • month: display the history for a given month
  • quarter: display the history for a given quarter
  • semester: display the history for a given semester
  • year: display the history for a give year

For each mode, the available choices correspond to the dates computed for the widget.

By default, the selected mode correspond to the scale selected for the overall chart to display the same chart as displayed in the widget. It means that last days is selected if chart is displayed in days and last weeks if the chart is displayed in weeks.

The last change mode display the evolution between two last computations of the widget and list the objects added or removed.

  • view_history_lastchange.png

All other modes display a chart with the values corresponding to the selected period of time. The minimal and maximal values are highlighted. Except the last <time window unit> mode, the charts are displayed in days.

  • view_history_month.png

If a percentage has been selected in the widget, the the history dialog reflects this selection and all values are in percentage.

  • view_history_ratio.png

Note that, all tables can also be directly exported in CSV for processing in another system (e.g., Excel).

last modified 2011-11-16 08:09:00