Dashboards and monitoring

  • Last update on November 17th, 2023

Playbook dashboards

When you select a playbook from the Playbook parent category, you will have access to three dashboards for managing your playbooks and policies. Let's explore the differences between them.

Strategic dashboard

It serves as a comprehensive log of playbook actions performed across multiple weeks or months.

This dashboard is particularly useful for setting strategic objectives and monitoring progress toward achieving them.

If you are a Tenant Admin, you can select “Manage playbooks” in the top-right corner. This link will direct you to the Playbook Policy Library.

 
 

Operational dashboard

It offers valuable insights into the various operations performed by the playbook, including the number of times a policy has been remediated, the number of exceptions managed and validated, and those that have not been addressed. By leveraging these metrics, users can better understand the playbook's effectiveness and refine their strategy accordingly.

If you are a Tenant Admin, you can select “Manage playbooks” in the top-right corner. This link will direct you to the Playbook Policy Library.

 
 

Monitoring dashboard

Here, Tenant Admins can manage the policies, while other operators can view the policies that tenant admins have set as public and, if enabled, run the remediation.

If you are a Tenant Admin, you can select “Manage playbooks” in the top-right corner. This link will direct you to the Playbook Policy Library.

 
 

Remember that Tenant Admins, Playbook Admins, and Global Viewers can see all the dashboards, while Playbook Managers can only access the Monitoring Dashboard (if they have received permission to do so)!

 

Please note that the “Strategic dashboard” shows data starting from the following week after the policies are enabled. The only exceptions are the “Matched items over time” and “Corrective actions over time” widgets which can also be configured on a daily basis. If that's the case, data will be shown after 24 hours.

 

What kind of information can I get?

Each dashboard provides you with a precise set of information. Let's explore in detail what you can learn from the widgets displayed in the “Strategic” and “Operational” dashboards:

Strategic dashboard

  • Current snapshot of matched items provides you with the present number of matched items detected, grouped by policy.
  • Matched items over time allows you to track the numbers of detected matched items, grouped by policy. This information is captured at the end of each week. 
  • Workflow history lets you view the entire historical progress of executed workflows grouped by policy.
  • Corrective actions over time allows you to track progress or compare snapshots of successive workflows grouped by policy. This information is captured at the end of each week.
  • Historical time saving provides greater visibility into the return on investment (ROI) of using playbooks to remediate matched items instead of using native solutions.
  • Potential monthly time saving gives you an estimate of how much time you could save if you enabled remediation for all policies that currently don't have it enabled.

Operational dashboard

  • Policy compliance shows you which policies are currently compliant with the threshold and which ones are not.
  • Top 3 policies with most exceptions is based on a review executed every 30 days, and you can check when it was last updated at the top of the widget.
  • Scheduled remediation for next 7 days allows you to control and take preventive actions for remediations that will be executed within a week. 
  • Workflow progress by policy shows the status of workflow execution grouped by policy within a selected time period, and you can edit the time period directly from the widget. 
  • Recently failed workflows show failed workflows related to each policy. 
  • Recently succeeded workflows shows successful workflows related to each policy.

In-depth: Monitoring dashboard

Here are more details on the monitoring and management activities that can be performed from the Monitoring tab.

  • Matched items are identified as anomalies that require remediation.
  • Exceptions refer to items that do not comply with the policy but are accepted and do not require remediation.

Blue tag The blue alert means you have not set a threshold or that the matched items have not yet reached the threshold you set.
Grey tag This tag is used to mark exceptions.
Green tag This tag indicates that a remediation workflow has been enabled for some matched items of a custom policy, and it's scheduled to occur.
Red tag The red alert means that the number of items has surpassed the predefined definition.