Views:

The network analytics report consists of three main sections.

Summary

The Summary section displays the severity, the number of detected internal hosts and Indicators of Compromise (IOCs), and the attack patterns, and provides a high-level overview of the malicious activity of the correlated event.
To export the correlation data of this correlated event, click Export and then select Printer-friendly or CSV.
The Summary section can be collapsed and expanded by clicking on the collapse (dddna_summary_collapse=GUID-30E62BCB-0E12-4C53-967D-71834FAF56FD=1=en-us=Low.png) and expand icons (dddna_summary_expand=GUID-CA101720-956C-4123-A237-5A030D727B17=1=en-us=Low.png).

Correlation Graph

The Correlation Graph section provides a visual representation of correlations made between the suspicious object selected in Trend Vision One and other related objects.
Click on the filter icon (dddna_graph_filter=GUID-1A803C70-BBB6-4F2B-BF16-6B5CFFFAC409=1=en-us=Low.png) located next to the Playback Bar to display or hide the advanced search filter.

Transaction and IOC Details

The Transaction and IOC Details section provides details about each transaction represented in the correlation graph, and each detected Indicator of Compromise (IOC).
Transactions are listed from oldest transaction at the top to the most recent transaction at the bottom. Listed transactions might have occurred in a single day or might span several months, depending on the correlations found by Deep Discovery Director - Network Analytics. IOCs are listed from oldest first seen at the top to the most recent first seen at the bottom.
The Transaction and IOC Details section can be collapsed and expanded by clicking on the collapse (dddna_trans_iocs_collapse=GUID-90155883-8966-4D26-B6AC-D0918BEC3089=1=en-us=Low.png) and expand icons (dddna_trans_iocs_expand=GUID-ACD57F7E-4D64-4EAF-B624-D22B51459C24=1=en-us=Low.png).