CDC Reports
- 12 Dec 2022
- 1 Minute to read
- DarkLight
- PDF
CDC Reports
- Updated on 12 Dec 2022
- 1 Minute to read
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
There are various reports that can be viewed and generated via the CDC platform. These reports summarize all important events and alerts and incident metrics.
The table below details the available reports.
| Report Name | Description |
|---|---|
| Alerts | Includes multiple tabs related to Alerts. |
| Incidents | Includes multiple tabs related to incidents. |
| Observables | Includes multiple tabs related to observables. |
| CTI Landscape | Includes multiple tabs related to CTI landscape alerts, and the IOCs within them. |
| Period | Provides a high level overview and detailed breakdown of alert and incident activity during a selected time period, and the status of the alerts and incidents at the end of the period. |
| Periods Comparison | Designed to show how alerts and incidents change over successive periods. |
| MITRE ATT&CK | Designed to show how alerts and their detection rules map onto the MITRE ATT&CK matrix |
| Annotation Review | Designed to assist reviewing closed alerts and incidents, with this closing reasons and comments, alongside the observables attached to them |
| Threat Hunting | Designed to showcase the plans and results of the Threat Hunting service |
Many reports include multiple tabs. Tab names are located at the bottom of the report screen.
Each report includes along the bottom information about the time of the most recent data point included in the report ('Data updated to'), the time the report was last refreshed, and the report version. When requiring up-to-date data, it is critical to note the time the report was last refreshed, and how recent the most recent data point included is. Reports should refresh at least every 4 hours.
Note: You can also export reports to PDFs or PPTs (this can take up to one minute, so it will run in the background and the report will download automatically when ready).
Note: Administrators can change the order of the reports in the Reports menu.
Note: The Reports menu includes an option to refresh the data and report, so that you can generate an updated version of the report. This enables you to get more accurate reports and not have to wait for an automatic update. Refreshing will refresh the data for all reports, so it is not necessary to immediately refresh each report when it is opened.
