DLP Incidents Tab Parent topic

The Incidents tab summarizes incidents over time, by channel and agent. The time span is seven days by default, and data is summarized in real time. If your implementation includes DLP Network Monitor, you can view summaries for both network agents and endpoint agents. Otherwise, DLP sets network agent values to zero (0).

DLP Incidents Tab Charts

Chart
Notes
Top Agents and DLP Incidents Summary
  • For the Endpoint Agents tab, the Top Agents and Incidents Summary report displays the top 5 endpoints with the most incident logs reported in the past 90 days. The report is color-coded by online/offline incidents.
  • For the Network Agents tab, the Top Agents and Incidents Summary report displays the top 5 IP sources with the most incident logs reported in the past 90 days.
DLP Incidents Over Time
This chart is color-coded by agent type: Endpoint Agent and Network Agent. If you are not running DLP Network Monitor, only one line displays. You can select to view this chart by 1 week or 1 month.
Security Events
This table displays information about the last 10 incidents.
DLP Incidents
This table displays the total number of incidents by channel over the last 90 days. “Total” is the total number of incidents found by both endpoint and network agents (if your implementation includes DLP Network Monitor).
Agent Status
This table displays the number of agents that are offline or online.
Top DLP Incident Sources
This table displays information about the top 5 incident sources over the last 90 days.