I have a general question for those that are admins or users of Enterprise Security. I am tasked with considering what searches or panels that I will be placing in a dashboard that may be useful to the users of Enterprise Security regarding system health. While this generally is more of an administrative concern, I still have to present something that may be of interest to those who are actively using ES from a SOC perspective and relevant health or threshold searches (alerts) that may be of interest to them. While I have some basic thoughts from ES Health dashboards, what would some of you consider using or presenting to your end users of Enterprise Security?
This is a general discussion so any input is appreciated. Feel free to comment and I will reply as needed over the next few days. Thank you!
↧