From 08193a3f9cd8e1f09d6ad6cb5c38249f8a089a7e Mon Sep 17 00:00:00 2001
From: Osmany Montero
Date: Mon, 4 Mar 2024 16:17:33 +0200
Subject: [PATCH] Bugfix (#2)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Changes Integrations

* Changes Examples playbooks Ubuntu

---------

Co-authored-by: Alayn Sanchez Nuñez
---
 .../IncidentResponsePredefinedExamples.md     |  5 ++--
 _site/Installation/Architecture.html          |  2 +-
 .../FederationServiceInstallation.html        |  2 +-
 _site/Installation/FirewallRules.html         |  2 +-
 .../Installation/InstallationGuideAzure.html  |  2 +-
 .../MasterServerInstallation.html             |  4 +--
 _site/Installation/README.html                |  2 +-
 _site/Installation/SSLConfiguration.html      |  2 +-
 _site/Installation/SystemRequirements.html    |  2 +-
 _site/QuickStart.html                         |  2 +-
 .../UTMStackComponents/Compliance/README.html |  2 +-
 .../Configuration/ApplicationSetting.html     |  2 +-
 .../Configuration/README.html                 |  2 +-
 .../Dashboards/Charts/Goal.html               |  2 +-
 .../Dashboards/Charts/HeatMap.html            |  2 +-
 .../Dashboards/Charts/Line.html               |  2 +-
 .../Dashboards/Charts/List.html               |  2 +-
 .../Dashboards/Charts/Metric.html             |  2 +-
 .../Dashboards/Charts/Pie.html                |  2 +-
 .../Dashboards/Charts/README.html             |  2 +-
 .../Dashboards/Charts/Table.html              |  2 +-
 .../Dashboards/Charts/TagCloud.html           |  2 +-
 .../Dashboards/DashboarList.html              |  2 +-
 .../Dashboards/DashboardCreation.html         |  2 +-
 .../UTMStackComponents/Dashboards/README.html |  2 +-
 .../Dashboards/VisualizationCreation.html     |  2 +-
 .../Dashboards/VisualizationList.html         |  2 +-
 .../Incidents/IncidentResponseAutomation.html |  2 +-
 .../Incidents/Incidents.html                  |  2 +-
 .../UTMStackComponents/Incidents/README.html  |  2 +-
 .../Log Explorer/README.html                  |  2 +-
 .../Threat Management/AlertManagement.html    |  2 +-
 .../Threat Management/FalsePositive.html      |  2 +-
 .../Threat Management/README.html             |  2 +-
 _site/assets/js/search-data.json              | 28 +++++++++----------
 _site/index.html                              |  2 +-
 36 files changed, 52 insertions(+), 51 deletions(-)
diff --git a/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.md b/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.md index c8ec7ab..e7585dd 100644 --- a/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.md +++ b/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.md @@ -1,11 +1,12 @@ --- layout: default -title: Predefined playbooks +title: Examples playbooks parent: Incident Management nav_order: 3 --- -# Predefined playbooks of incident response actions +# Examples of incident response playbooks +In this section, we offer **examples of incident response playbooks tailored for Ubuntu systems**, designed to assist system administrators and security professionals in effectively managing security incidents. ## Shutdown Machine diff --git a/_site/Installation/Architecture.html b/_site/Installation/Architecture.html index 91ce21d..a0f2106 100644 --- a/_site/Installation/Architecture.html +++ b/_site/Installation/Architecture.html @@ -1 +1 @@ - Architecture | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Architecture and Deployment Models

UTMStack offers a flexible and scalable architecture, empowering organizations to choose from various deployment models that best suit their needs. Whether deployed on the cloud or on-premises, UTMStack can seamlessly adapt to any scenario, providing a robust and comprehensive cybersecurity solution.

Deployment Models

UTMStack presents four compelling deployment models, each catering to specific requirements and offering distinct advantages:

1. Master Only Deployment: Unparalleled Data Control and Security

Master Only Diagram

A Master Only Deployment of UTMStack is dedicated to an individual customer, ensuring unparalleled data control and security.

By opting for a master-only installation, organizations can maintain complete control over their data. UTMStack can be effortlessly deployed within the customer’s network, whether on a virtual machine or a physical server. This approach allows for direct log gathering from customer devices and applications, ensuring data remains within the organization’s boundaries.

With data isolation and enhanced security, the master-only deployment model offers peace of mind, particularly for organizations concerned about sharing sensitive information with third parties.

2. Federated Master Deployment: Streamlined Management for MSPs

Master Only Diagram

The federated master deployment model is ideal for Managed Service Providers (MSPs) managing multiple instances of UTMStack.

In this model, multiple master servers are deployed, with one in each customer’s network. A central federation service acts as a unified monitoring panel, allowing MSPs to effortlessly oversee alerts generated by separate systems from a single centralized interface.

This streamlined approach simplifies monitoring and management, enabling MSPs to efficiently navigate activities across multiple clients and organizations.

The federated master deployment model is commonly used by SOC teams for its simplicity and effectiveness.

3. SaaS (Software as a Service): Simplified Management with Unparalleled Support

Master Only Diagram

For organizations seeking for a hassle-free and fully managed solution, UTMStack offers the Software as a Service (SaaS) deployment model.

With SaaS, organizations can benefit from a comprehensive managed instance of UTMStack, including updates, scaling, backups, high availability, and dedicated support. Logs can be effortlessly collected from customer systems by installing agents or configuring SyslogTLS or proxy.

This streamlined approach allows organizations to focus on their core business, leaving the complexities of cybersecurity management to the experts at UTMStack. Enjoy the peace of mind that comes with a fully managed solution, ensuring top-notch security and efficiency without the burden of infrastructure management.

UTMStack’s flexible deployment models empower organizations and MSPs to choose the most suitable approach based on their specific requirements, infrastructure, and security preferences. By offering a range of options, UTMStack ensures that organizations of all sizes and complexities can enjoy the benefits of a robust and comprehensive cybersecurity platform.

+ Architecture | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Architecture and Deployment Models

UTMStack offers a flexible and scalable architecture, empowering organizations to choose from various deployment models that best suit their needs. Whether deployed on the cloud or on-premises, UTMStack can seamlessly adapt to any scenario, providing a robust and comprehensive cybersecurity solution.

Deployment Models

UTMStack presents four compelling deployment models, each catering to specific requirements and offering distinct advantages:

1. Master Only Deployment: Unparalleled Data Control and Security

Master Only Diagram

A Master Only Deployment of UTMStack is dedicated to an individual customer, ensuring unparalleled data control and security.

By opting for a master-only installation, organizations can maintain complete control over their data. UTMStack can be effortlessly deployed within the customer’s network, whether on a virtual machine or a physical server. This approach allows for direct log gathering from customer devices and applications, ensuring data remains within the organization’s boundaries.

With data isolation and enhanced security, the master-only deployment model offers peace of mind, particularly for organizations concerned about sharing sensitive information with third parties.

2. Federated Master Deployment: Streamlined Management for MSPs

Master Only Diagram

The federated master deployment model is ideal for Managed Service Providers (MSPs) managing multiple instances of UTMStack.

In this model, multiple master servers are deployed, with one in each customer’s network. A central federation service acts as a unified monitoring panel, allowing MSPs to effortlessly oversee alerts generated by separate systems from a single centralized interface.

This streamlined approach simplifies monitoring and management, enabling MSPs to efficiently navigate activities across multiple clients and organizations.

The federated master deployment model is commonly used by SOC teams for its simplicity and effectiveness.

3. SaaS (Software as a Service): Simplified Management with Unparalleled Support

Master Only Diagram

For organizations seeking for a hassle-free and fully managed solution, UTMStack offers the Software as a Service (SaaS) deployment model.

With SaaS, organizations can benefit from a comprehensive managed instance of UTMStack, including updates, scaling, backups, high availability, and dedicated support. Logs can be effortlessly collected from customer systems by installing agents or configuring SyslogTLS or proxy.

This streamlined approach allows organizations to focus on their core business, leaving the complexities of cybersecurity management to the experts at UTMStack. Enjoy the peace of mind that comes with a fully managed solution, ensuring top-notch security and efficiency without the burden of infrastructure management.

UTMStack’s flexible deployment models empower organizations and MSPs to choose the most suitable approach based on their specific requirements, infrastructure, and security preferences. By offering a range of options, UTMStack ensures that organizations of all sizes and complexities can enjoy the benefits of a robust and comprehensive cybersecurity platform.

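Review bot: in the IncidentResponsePredefinedExamples.md hunk (run together with the Architecture.html header at the top of this diff), the new front-matter `title: Examples playbooks` and the new `# Examples of incident response playbooks` heading do not match, and "Examples playbooks" is ungrammatical; use `title: Example playbooks` (or "Incident response playbook examples") so the nav entry and the page heading agree. The Architecture.html hunk that follows shows identical rendered text on the `-` and `+` sides, which is what you get when only the generated nav link changed: `_site/` is Jekyll build output, and for a one-line source edit this PR touches 34 generated HTML files plus `_site/assets/js/search-data.json`. Consider taking `_site/` out of version control and regenerating it in the site build, so reviews only see the source `.md` changes. While the page is being touched, the rendered text says "UTMStack presents four compelling deployment models" but lists three.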
diff --git a/_site/Installation/FederationServiceInstallation.html b/_site/Installation/FederationServiceInstallation.html index 55b1a69..d56bb65 100644 --- a/_site/Installation/FederationServiceInstallation.html +++ b/_site/Installation/FederationServiceInstallation.html @@ -1,4 +1,4 @@ - Federation Service Installation | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

UTMStack Federation Service Installation Guide

Welcome to the installation page for the Federated Master Deployment of UTMStack! If you’re an MSP (Managed Service Provider) with the mission of managing multiple instances of UTMStack across various customer networks, you’re in the right place. Our federated master deployment model is meticulously designed to provide a streamlined management experience, presenting a holistic view of activities across multiple clients and organizations.

This guide will walk you through the process of installing the UTMStack Federation Service (UTMStackFS) on an Ubuntu 20.04 LTS system. Please follow the steps below to ensure a successful installation.

For more details contact Customer Service.

Preparing for Installation

  1. Update the package list on your system:
sudo apt update
+          Federation Service Installation | Documentation                Skip to main content   Link      Menu      Expand       (external link)    Document      Search       Copy       Copied        

UTMStack Federation Service Installation Guide

Welcome to the installation page for the Federated Master Deployment of UTMStack! If you’re an MSP (Managed Service Provider) with the mission of managing multiple instances of UTMStack across various customer networks, you’re in the right place. Our federated master deployment model is meticulously designed to provide a streamlined management experience, presenting a holistic view of activities across multiple clients and organizations.

This guide will walk you through the process of installing the UTMStack Federation Service (UTMStackFS) on an Ubuntu 20.04 LTS system. Please follow the steps below to ensure a successful installation.

For more details contact Customer Service.

Preparing for Installation

  1. Update the package list on your system:
sudo apt update
 
  1. Install the necessary dependencies, including wget and net-tools:
sudo apt install wget net-tools
 
  1. Download the latest version of the UTMStackFS installer from the official GitHub repository. You can use the following command to retrieve the installer:
wget https://github.com/utmstack/UTMStackFSInstaller/releases/download/v10.0.0/UTMStackFSInstaller.zip
 
  1. Unzip the installer package using the following command. If you don’t have the unzip tool installed, you can do so by running sudo apt-get install zip unzip:
unzip UTMStackFSInstaller*.zip
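Review bot: every step on the `+` side of this hunk renders as "1." (the list restarts after each command block because the unindented command breaks the markdown list); in the source `.md`, indent the command blocks under their list item or number the steps explicitly so the order survives rendering. The text also says "Download the latest version" while the command pins `v10.0.0/UTMStackFSInstaller.zip`; either point at the release's latest download URL or say the version is pinned. Since the archive is unpacked and installed with root privileges, publishing a checksum for the release and asking readers to verify it before `unzip` would be a worthwhile addition to these steps.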
diff --git a/_site/Installation/FirewallRules.html b/_site/Installation/FirewallRules.html
index 2696696..222fb17 100644
--- a/_site/Installation/FirewallRules.html
+++ b/_site/Installation/FirewallRules.html
@@ -1 +1 @@
-          Firewall Rules | Documentation                Skip to main content   Link      Menu      Expand       (external link)    Document      Search       Copy       Copied        

Firewall Rules

To ensure proper communication and functionality of UTMStack, it is important to configure the firewall rules on your network devices accordingly. This section provides an overview of the required firewall rules for different components of UTMStack. Please refer to the following guidelines:

Required Ports

  • Port: 22/TCP
    • Purpose: Secure Shell (We recommend creating a firewall rule to allow it only from the admin workstation).
  • Port: 80/TCP
    • Purpose: UTMStack Web-based Graphical User Interface Redirector (We recommend creating a firewall rule to allow it only from admin and security analyst workstations).
  • Port: 443/TCP
    • Purpose: UTMStack Web-based Graphical User Interface (We recommend creating a firewall rule to allow it only from admin and security analyst workstations).
  • Port: 9090/TCP
    • Purpose: Cockpit Web-based Graphical Interface for Servers (We recommend creating a firewall rule to allow it only from the admin workstation).

Other ports will be required during the configuration of UTMStack’s integrations to receive logs. Please follow the security recommendations given in the integration guide if it exists.

By configuring the firewall rules as specified above, you ensure that the necessary network traffic is allowed for UTMStack components to function properly. Make sure to update your network devices’ firewall settings accordingly to enable seamless communication within the UTMStack environment.

+ Firewall Rules | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Firewall Rules

To ensure proper communication and functionality of UTMStack, it is important to configure the firewall rules on your network devices accordingly. This section provides an overview of the required firewall rules for different components of UTMStack. Please refer to the following guidelines:

Required Ports

  • Port: 22/TCP
    • Purpose: Secure Shell (We recommend creating a firewall rule to allow it only from the admin workstation).
  • Port: 80/TCP
    • Purpose: UTMStack Web-based Graphical User Interface Redirector (We recommend creating a firewall rule to allow it only from admin and security analyst workstations).
  • Port: 443/TCP
    • Purpose: UTMStack Web-based Graphical User Interface (We recommend creating a firewall rule to allow it only from admin and security analyst workstations).
  • Port: 9090/TCP
    • Purpose: Cockpit Web-based Graphical Interface for Servers (We recommend creating a firewall rule to allow it only from the admin workstation).

Other ports will be required during the configuration of UTMStack’s integrations to receive logs. Please follow the security recommendations given in the integration guide if it exists.

By configuring the firewall rules as specified above, you ensure that the necessary network traffic is allowed for UTMStack components to function properly. Make sure to update your network devices’ firewall settings accordingly to enable seamless communication within the UTMStack environment.

diff --git a/_site/Installation/InstallationGuideAzure.html b/_site/Installation/InstallationGuideAzure.html index 7569abb..7ed5ddd 100644 --- a/_site/Installation/InstallationGuideAzure.html +++ b/_site/Installation/InstallationGuideAzure.html @@ -1 +1 @@ - Master Installation Guide for Azure | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

UTMStack Master Installation Guide for Azure

This guide will walk you through the step-by-step process of installing UTMStack Master on Azure. Please follow the instructions carefully to ensure a successful installation.

Prerequisites

Before you begin the installation, make sure you have the following prerequisites:

  1. An active Azure subscription.
  2. Basic knowledge of Azure and virtual machines.
  3. Access to the Azure portal.

Step 1: Create a Virtual Machine

  1. Sign in to the Azure portal at portal.azure.com using your Azure credentials.
  2. Click on “Create a resource” and search for “Ubuntu Server” in the Azure Marketplace.
  3. Select “Ubuntu Server” from the search results and click “Create.”
  4. Fill in the required information for the virtual machine, such as the resource group, virtual machine name, region, and availability options.

vm settings

  1. Choose the appropriate virtual machine size based on your resource requirements. See System Requirements page to select the better option.

  2. Configure the networking options, such as virtual network and subnet settings, public IP address, and SSH settings (ensure that port 22/TCP is open for SSH access from your IP).

  3. You will need port 80/TCP and 443/TCP open to access the UTMStack web interface.

  4. Review the configuration details and click “Create” to start the virtual machine deployment process.

Step 2: Expand the System Disk

Note: This step should be performed after the virtual machine creation is complete.

  1. Locate the newly created virtual machine in the Azure portal.

vm settings

  1. Stop the virtual machine to enable disk expansion.
  2. Go to the “Disks” section of the virtual machine settings.
  3. Select the system disk and click on “Size + performance” to expand the disk size. vm settings

  4. Choose the desired disk size, such as 256GB, and apply the changes.
  5. Start the virtual machine after the disk expansion process is completed.

Step 3: Access the Virtual Machine

  1. Once the virtual machine is running, note down the public IP address or DNS name assigned to it.
  2. Open an SSH client, and connect to the virtual machine using the public IP address or DNS name.
  3. Provide your Azure credentials and SSH into the virtual machine.

Step 4: Install UTMStack Master

  1. Inside the SSH session, follow the official UTMStack installation guide for Ubuntu to install UTMStack Master. You can find the installation guide at UTMStack Installation Guide.
  2. Make sure to carefully follow the instructions provided in the guide, including the configuration settings and any additional dependencies or packages required.
  3. Complete the installation process as per the guide’s instructions.

Step 5: Post-Installation Configuration

  1. After the UTMStack Master installation is complete, you can access the UTMStack web interface by opening a web browser and navigating to the IP address or DNS name of the virtual machine, followed by the appropriate port (usually port 443 for HTTPS).
  2. Follow any further configuration steps provided in the UTMStack documentation to set up the system according to your requirements.

Congratulations! You have successfully installed UTMStack Master on Azure. You can now begin utilizing the UTMStack platform for your network management and monitoring needs.

+ Master Installation Guide for Azure | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

UTMStack Master Installation Guide for Azure

This guide will walk you through the step-by-step process of installing UTMStack Master on Azure. Please follow the instructions carefully to ensure a successful installation.

Prerequisites

Before you begin the installation, make sure you have the following prerequisites:

  1. An active Azure subscription.
  2. Basic knowledge of Azure and virtual machines.
  3. Access to the Azure portal.

Step 1: Create a Virtual Machine

  1. Sign in to the Azure portal at portal.azure.com using your Azure credentials.
  2. Click on “Create a resource” and search for “Ubuntu Server” in the Azure Marketplace.
  3. Select “Ubuntu Server” from the search results and click “Create.”
  4. Fill in the required information for the virtual machine, such as the resource group, virtual machine name, region, and availability options.

vm settings

  1. Choose the appropriate virtual machine size based on your resource requirements. See System Requirements page to select the better option.

  2. Configure the networking options, such as virtual network and subnet settings, public IP address, and SSH settings (ensure that port 22/TCP is open for SSH access from your IP).

  3. You will need port 80/TCP and 443/TCP open to access the UTMStack web interface.

  4. Review the configuration details and click “Create” to start the virtual machine deployment process.

Step 2: Expand the System Disk

Note: This step should be performed after the virtual machine creation is complete.

  1. Locate the newly created virtual machine in the Azure portal.

vm settings

  1. Stop the virtual machine to enable disk expansion.
  2. Go to the “Disks” section of the virtual machine settings.
  3. Select the system disk and click on “Size + performance” to expand the disk size. vm settings

  4. Choose the desired disk size, such as 256GB, and apply the changes.
  5. Start the virtual machine after the disk expansion process is completed.

Step 3: Access the Virtual Machine

  1. Once the virtual machine is running, note down the public IP address or DNS name assigned to it.
  2. Open an SSH client, and connect to the virtual machine using the public IP address or DNS name.
  3. Provide your Azure credentials and SSH into the virtual machine.

Step 4: Install UTMStack Master

  1. Inside the SSH session, follow the official UTMStack installation guide for Ubuntu to install UTMStack Master. You can find the installation guide at UTMStack Installation Guide.
  2. Make sure to carefully follow the instructions provided in the guide, including the configuration settings and any additional dependencies or packages required.
  3. Complete the installation process as per the guide’s instructions.

Step 5: Post-Installation Configuration

  1. After the UTMStack Master installation is complete, you can access the UTMStack web interface by opening a web browser and navigating to the IP address or DNS name of the virtual machine, followed by the appropriate port (usually port 443 for HTTPS).
  2. Follow any further configuration steps provided in the UTMStack documentation to set up the system according to your requirements.

Congratulations! You have successfully installed UTMStack Master on Azure. You can now begin utilizing the UTMStack platform for your network management and monitoring needs.
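Review bot: this hunk's rendered content is unchanged apart from the regenerated nav, but two things in the visible text are worth fixing in the source while the page is being regenerated: the numbered steps restart at "1." after each `vm settings` image (Step 1 runs 1-4 and then 1-4 again; Step 2 runs 1, then 1-5), and Step 3 item 3 says "Provide your Azure credentials and SSH into the virtual machine", whereas the SSH login takes the VM's admin username and the SSH key or password chosen when the VM was created, not the Azure portal credentials.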

diff --git a/_site/Installation/MasterServerInstallation.html b/_site/Installation/MasterServerInstallation.html index 4055ff7..b9f6093 100644 --- a/_site/Installation/MasterServerInstallation.html +++ b/_site/Installation/MasterServerInstallation.html @@ -1,8 +1,8 @@ - Master Server Setup Guide | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

UTMStack Master Server Setup Guide

This guide will walk you through the process of setting up the UTMStack Master Server. The Master Server is the central component of UTMStack and is responsible for managing the security operations and data collection.

Linux Installation Guide

This guide will walk you through the process of installing UTMStack on a Linux system using the official installer script. Please follow the steps below to ensure a successful installation.

Step 1: Prepare the System

Before starting the installation, make sure that your system meets the minimum requirements and is up to date.

Please refer to the System Requirements page in the UTMStack documentation for detailed information about the recommended specifications for your environment.

Execute the following commands to update the package list and install the required dependencies on your Ubuntu 22.04 LTS system:

sudo apt update
+          Master Server Setup Guide | Documentation                Skip to main content   Link      Menu      Expand       (external link)    Document      Search       Copy       Copied        

UTMStack Master Server Setup Guide

This guide will walk you through the process of setting up the UTMStack Master Server. The Master Server is the central component of UTMStack and is responsible for managing the security operations and data collection.

Linux Installation Guide

This guide will walk you through the process of installing UTMStack on a Linux system using the official installer script. Please follow the steps below to ensure a successful installation.

Step 1: Prepare the System

Before starting the installation, make sure that your system meets the minimum requirements and is up to date.

Please refer to the System Requirements page in the UTMStack documentation for detailed information about the recommended specifications for your environment.

Execute the following commands to update the package list and install the required dependencies on your Ubuntu 22.04 LTS system:

sudo apt update
 sudo apt install wget
 

Step 2: Download the Installer Script

Download the latest version of the UTMStack installer script from the official UTMStack website. You can use the following command to retrieve the script:

wget http://github.com/utmstack/UTMStack/releases/latest/download/installer
 
 

Step 3: Grant Execution Permissions

Change to the root user to ensure proper execution of the installer script:

sudo su
 

Set execution permissions for the installer script using the following command:

chmod +x installer
 

Step 4: Run the Installer

Now, you are ready to run the installer script and begin the installation process.

Execute the installer without parameters:

./installer
-

The installer script will take care of downloading the necessary packages.

Please note that the installation process may take some time depending on the system and the options selected.

Trubleshooting: If you find any errors during the installation, please check the installation log for more details: /var/log/utm-setup.log

You can find the password and other generated configurations in /root/UTMStack.yml

Step 5: Configuration of UTMStack

After successfully installing UTMStack on your servers, it is important to configure the necessary services to ensure proper functionality. This step involves setting up best-practice firewall rulesets to control network traffic effectively. Additionally, you have the option to integrate third-party applications like M365 to enhance UTMStack’s capabilities.

To learn more about the specific firewall rules you need to create for UTMStack, please refer to the Firewall Rules section for detailed instructions.

Step 6: Installing and Configuring an SSL/TLS certificate

Go to Configuring an SSL/TLS certificate section for detailed instructions.

Step 7: Accessing the UTMStack Platform

Once you have successfully installed the UTMStack master server, you can now access the platform and start using it for your cybersecurity needs. Follow these steps to log in to the UTMStack platform:

Open your preferred web browser.

Enter the HTTPS URL of your server’s name or IP address in the browser’s address bar. For example, if your server’s IP address is 192.168.0.100, you would enter https://192.168.0.100.

Press Enter to load the UTMStack login page.

UTMStack Installer Capture

Once UTMStack is installed, use admin as the user and the password generated during the installation for the default user to login. You can find the password and other generated configurations in /root/UTMStack.

Note: Use HTTPS in front of your server name or IP to access the login page.

Default Login Credentials:

User: utmstack, Password: utmstack

Click on the “Sign In” button to authenticate and access the UTMStack platform.

+

The installer script will take care of downloading the necessary packages.

Please note that the installation process may take some time depending on the system and the options selected.

Trubleshooting: If you find any errors during the installation, please check the installation log for more details: /var/log/utm-setup.log

You can find the password and other generated configurations in /root/UTMStack.yml

Step 5: Configuration of UTMStack

After successfully installing UTMStack on your servers, it is important to configure the necessary services to ensure proper functionality. This step involves setting up best-practice firewall rulesets to control network traffic effectively. Additionally, you have the option to integrate third-party applications like M365 to enhance UTMStack’s capabilities.

To learn more about the specific firewall rules you need to create for UTMStack, please refer to the Firewall Rules section for detailed instructions.

Step 6: Installing and Configuring an SSL/TLS certificate

Go to Configuring an SSL/TLS certificate section for detailed instructions.

Step 7: Accessing the UTMStack Platform

Once you have successfully installed the UTMStack master server, you can now access the platform and start using it for your cybersecurity needs. Follow these steps to log in to the UTMStack platform:

Open your preferred web browser.

Enter the HTTPS URL of your server’s name or IP address in the browser’s address bar. For example, if your server’s IP address is 192.168.0.100, you would enter https://192.168.0.100.

Press Enter to load the UTMStack login page.

UTMStack Installer Capture

Once UTMStack is installed, use admin as the user and the password generated during the installation for the default user to login. You can find the password and other generated configurations in /root/UTMStack.

Note: Use HTTPS in front of your server name or IP to access the login page.

Default credentials for Ubuntu Server when using the ISO installer:

User: utmstack Password: utmstack

Click on the “Sign In” button to authenticate and access the UTMStack platform.

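Review bot: the reworded `+` line correctly scopes `utmstack` / `utmstack` to the Ubuntu Server ISO installer rather than the web login, but the page still never tells the reader to change that default OS password (or to disable password-based SSH login) after installation, which matters more than the label given that 22/TCP is reachable per the Firewall Rules page; add that instruction next to the credentials. Two further points in the visible context: Step 2 fetches the installer over plain HTTP (`wget http://github.com/utmstack/UTMStack/releases/latest/download/installer`) and Step 3/4 then run it as root; use `https://` so the download cannot be altered in transit, and ideally verify a published checksum before `chmod +x installer`. Also, "Trubleshooting" is misspelled on both sides, and the generated config file is named `/root/UTMStack.yml` in one paragraph and `/root/UTMStack` in another.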
diff --git a/_site/Installation/README.html b/_site/Installation/README.html index 5e3b2cf..0c24647 100644 --- a/_site/Installation/README.html +++ b/_site/Installation/README.html @@ -1 +1 @@ - Installation | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

UTMStack Installation Guide

Welcome to the UTMStack installation guide. This guide will walk you through the step-by-step process of installing UTMStack, ensuring a seamless setup and configuration of the platform. Please follow the instructions carefully to ensure a successful installation.

System Requirements

Before proceeding with the installation, it is important to ensure that your system meets the minimum requirements to run UTMStack effectively. Please refer to the System Requirements page in the UTMStack documentation for detailed information about the recommended specifications for your environment.

Installation Steps

The UTMStack installation process consists of three main steps:

  1. Choose the Architecture: Before starting the installation, you need to decide on the architecture for your UTMStack deployment. This step determines the components and services that will be installed. Refer to the Architecture Page for a detailed description of each architecture option.

  2. Installing the Federated Service (Optional): If you have chosen the Federated architecture in Step 1, follow the instructions in the Federated Server Installation Guide after ensuring your system meets the recommended specifications mentioned in the Federated Service Requirements page.

  3. Setting up the Master Servers: The master server is the central component of the UTMStack architecture, responsible for managing and coordinating all other UTMStack components and services.

    To set up the master server, you need to create a virtual machine (VM) or physical machine that will host the UTMStack software. The VM should have a requirements of 4 cores, 8 GB of RAM and 256 GB of disk storage for each 50 devices. (Assuming you will retain 30 days of live logs). Once the VM is created, it needs to be configured with the operating system Ubuntu Server 22.04 LTS.


    For detailed instructions on setting up the master servers, please refer to the Master Server Setup Guide in the UTMStack documentation.

  4. Personalizing and Configuring UTMStack: Once you have completed the installation of UTMStack, the next step is to personalize and configure the UTMStack services to optimize its performance and functionality. Follow the instructions below to personalize and configure UTMStack:

    1. Access UTMStack Management Interface: Open a web browser and enter the URL or IP address to access the UTMStack management interface.

    2. Log in: Use the provided credentials to log in to the UTMStack management interface.

    3. Navigate to Settings: Locate the settings menu, accessible through a hamburger menu icon on the right side of the interface.

    setting capture

    1. Personalize UTMStack: Explore the various settings modules available, such as license, data retention, compliance, user access audit, and more. Customize these settings according to your organization’s needs and security policies.

    setting capture


    For more detailed instructions on settings , please refer to the Configuration Section in the UTMStack documentation.

    1. Save and Verify: Save the configurations and ensure that all UTMStack services are running correctly. Verify that the desired functionality is achieved and that the system is operating optimally.

    By personalizing and configuring UTMStack, you can tailor the system to meet your organization’s specific needs and optimize its performance for effective log management and security monitoring.

Congratulations! You have successfully completed the installation process for UTMStack. Ensure that you perform thorough testing and verification to confirm the proper functioning of the platform.


Table of contents

+ Installation | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

UTMStack Installation Guide

Welcome to the UTMStack installation guide. This guide will walk you through the step-by-step process of installing UTMStack, ensuring a seamless setup and configuration of the platform. Please follow the instructions carefully to ensure a successful installation.

System Requirements

Before proceeding with the installation, it is important to ensure that your system meets the minimum requirements to run UTMStack effectively. Please refer to the System Requirements page in the UTMStack documentation for detailed information about the recommended specifications for your environment.

Installation Steps

The UTMStack installation process consists of three main steps:

  1. Choose the Architecture: Before starting the installation, you need to decide on the architecture for your UTMStack deployment. This step determines the components and services that will be installed. Refer to the Architecture Page for a detailed description of each architecture option.

  2. Installing the Federated Service (Optional): If you have chosen the Federated architecture in Step 1, follow the instructions in the Federated Server Installation Guide after ensuring your system meets the recommended specifications mentioned in the Federated Service Requirements page.

  3. Setting up the Master Servers: The master server is the central component of the UTMStack architecture, responsible for managing and coordinating all other UTMStack components and services.

    To set up the master server, you need to create a virtual machine (VM) or physical machine that will host the UTMStack software. The VM should have a requirements of 4 cores, 8 GB of RAM and 256 GB of disk storage for each 50 devices. (Assuming you will retain 30 days of live logs). Once the VM is created, it needs to be configured with the operating system Ubuntu Server 22.04 LTS.


    For detailed instructions on setting up the master servers, please refer to the Master Server Setup Guide in the UTMStack documentation.

  4. Personalizing and Configuring UTMStack: Once you have completed the installation of UTMStack, the next step is to personalize and configure the UTMStack services to optimize its performance and functionality. Follow the instructions below to personalize and configure UTMStack:

    1. Access UTMStack Management Interface: Open a web browser and enter the URL or IP address to access the UTMStack management interface.

    2. Log in: Use the provided credentials to log in to the UTMStack management interface.

    3. Navigate to Settings: Locate the settings menu, accessible through a hamburger menu icon on the right side of the interface.

    setting capture

    1. Personalize UTMStack: Explore the various settings modules available, such as license, data retention, compliance, user access audit, and more. Customize these settings according to your organization’s needs and security policies.

    setting capture


    For more detailed instructions on settings , please refer to the Configuration Section in the UTMStack documentation.

    1. Save and Verify: Save the configurations and ensure that all UTMStack services are running correctly. Verify that the desired functionality is achieved and that the system is operating optimally.

    By personalizing and configuring UTMStack, you can tailor the system to meet your organization’s specific needs and optimize its performance for effective log management and security monitoring.

Congratulations! You have successfully completed the installation process for UTMStack. Ensure that you perform thorough testing and verification to confirm the proper functioning of the platform.


Table of contents
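Review bot: the step numbering on this page is inconsistent and the sizing figures contradict the System Requirements page changed in the same patch. "The UTMStack installation process consists of three main steps:" is followed by four numbered steps, and the sub-steps under step 4 run 1, 2, 3, 1, 1 ("1. Personalize UTMStack", "1. Save and Verify") because the "setting capture" images break the ordered list; renumber them 4 and 5 or keep the list open across the images. Step 3 states "4 cores, 8 GB of RAM and 256 GB of disk storage for each 50 devices", while the SystemRequirements hunk in this patch raises the 50-source tier to 12 GB RAM with 150 GB disk and the QuickStart page says "4 cores, 12 GB of RAM, and 150 GB"; pick one set of numbers and point to the requirements page from here instead of restating them. Since the `-` and `+` copies of this rendered page read identically, confirm the change is whitespace-only and intended.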

diff --git a/_site/Installation/SSLConfiguration.html b/_site/Installation/SSLConfiguration.html index 83bc0c3..b4f40e6 100644 --- a/_site/Installation/SSLConfiguration.html +++ b/_site/Installation/SSLConfiguration.html @@ -1,4 +1,4 @@ - SSL Certificate Management in UTMStack | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

SSL Certificate Management in UTMStack

This guide provides comprehensive steps on installing, generating, and renewing SSL certificates for UTMStack.

Manual SSL Certificate Installation

Before beginning, ensure you’ve downloaded your certificate files. After downloading:

  1. You should have:
    • A certificate file with the extension .crt or .pem
    • A private key with the extension .key or .pem
  2. Rename the files:
    • Certificate: utm.crt
    • Private Key: utm.key
  3. Transfer both files to your server:
   mv utm.crt /UTMStack/cert/
+          SSL Certificate Management in UTMStack | Documentation                Skip to main content   Link      Menu      Expand       (external link)    Document      Search       Copy       Copied        

SSL Certificate Management in UTMStack

This guide provides comprehensive steps on installing, generating, and renewing SSL certificates for UTMStack.

Manual SSL Certificate Installation

Before beginning, ensure you’ve downloaded your certificate files. After downloading:

  1. You should have:
    • A certificate file with the extension .crt or .pem
    • A private key with the extension .key or .pem
  2. Rename the files:
    • Certificate: utm.crt
    • Private Key: utm.key
  3. Transfer both files to your server:
   mv utm.crt /UTMStack/cert/
    mv utm.key /UTMStack/cert/
 
  1. Restart Docker for the changes to take effect:
systemctl restart docker
 
  1. Allow approximately 10 minutes for the stack to restart.

Once these steps are completed, your SSL certificate will be installed and configured for UTMStack. For any issues or questions during the installation, please contact our support team.

Generate SSL with Certbot in UTMStack without DNS Change

  1. Allow Necessary Ports Open ports for Certbot and Nginx:
ufw allow 80/tcp
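Review bot: the steps after "Transfer both files to your server" restart at "1. Restart Docker" and "1. Allow approximately 10 minutes", so the procedure reads 1, 2, 3, 1, 1; number them 4 and 5. The guide moves the private key into /UTMStack/cert/ with no mention of ownership or permissions; document what permissions utm.key should have so it is not left world-readable on the host, and say which account needs to read it. The Certbot section opens port 80 with "ufw allow 80/tcp" for the challenge; it should also state whether that port must stay open for renewals or can be closed again once the certificate is issued.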
diff --git a/_site/Installation/SystemRequirements.html b/_site/Installation/SystemRequirements.html
index 1905535..37d0c62 100644
--- a/_site/Installation/SystemRequirements.html
+++ b/_site/Installation/SystemRequirements.html
@@ -1 +1 @@
-          System Requirements | Documentation                Skip to main content   Link      Menu      Expand       (external link)    Document      Search       Copy       Copied        

UTMStack System Resources

To guarantee a seamless installation and peak performance of UTMStack, adhere to the given system specifications for both Master and Probe/Proxy servers.

Before diving in, be aware that UTMStack approaches data retention in two distinct methods:

  • Hot Log Storage: Refers to data which isn’t archived and can be accessed anytime for immediate analysis.
  • Cold Storage: Represents archived data that necessitates restoration prior to access.
  • Data Source: Denotes any individual origin of logs, such as devices, agents, or SaaS integrations.

Assumptions:

It’s assumed that 60 data sources (devices) roughly produce 100 GB of data monthly.

Master Server Specifications:

The Master server undertakes the task of overseeing and orchestrating the UTMStack platform. Below is a tabulation of the recommended specifications for the hot log storage:

Data Sources (Approx. Monthly Data) Cores RAM Disk Space
50 (100 GB) 4 8 GB 150 GB
120 (250 GB) 8 16 GB 250 GB
240 (500 GB) 16 32 GB 450 GB

You have the flexibility to mix and match these tiers based on the number of devices you have and your preferred hot log storage duration.

Supported Operating Systems:

The UTMStack installation guide provides instructions specifically for Ubuntu 22.04 LTS. It is recommended to use one of these supported operating systems for compatibility and optimal performance.

Please refer to the installation guide for detailed steps on setting up UTMStack on your chosen operating system.

Ensuring that your system meets these requirements will help guarantee the stability, efficiency, and reliable operation of UTMStack.

If you have any further questions or need additional assistance, please don’t hesitate to reach out.

Federated Server (UTMStackFSInstaller)

Recommendations for Operating System:

Ubuntu 22.04 LTS.

Resources for Master:

Recommendation Cores RAM Disk Space
Minimum Required (non-prod) 2 4 GB 20 GB
Recommended (prod) 4 8 GB 20 GB
+ System Requirements | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

UTMStack System Resources

To guarantee a seamless installation and peak performance of UTMStack, adhere to the given system specifications for both Master and Probe/Proxy servers.

Before diving in, be aware that UTMStack approaches data retention in two distinct methods:

  • Hot Log Storage: Refers to data which isn’t archived and can be accessed anytime for immediate analysis.
  • Cold Storage: Represents archived data that necessitates restoration prior to access.
  • Data Source: Denotes any individual origin of logs, such as devices, agents, or SaaS integrations.

Assumptions:

It’s assumed that 60 data sources (devices) roughly produce 100 GB of data monthly.

Master Server Specifications:

The Master server undertakes the task of overseeing and orchestrating the UTMStack platform. Below is a tabulation of the recommended specifications for the hot log storage:

Data Sources (Approx. Monthly Data) Cores RAM Disk Space
50 (100 GB) 4 12 GB 150 GB
120 (250 GB) 8 16 GB 250 GB
240 (500 GB) 16 32 GB 450 GB

You have the flexibility to mix and match these tiers based on the number of devices you have and your preferred hot log storage duration.

Supported Operating Systems:

The UTMStack installation guide provides instructions specifically for Ubuntu 22.04 LTS. It is recommended to use one of these supported operating systems for compatibility and optimal performance.

Please refer to the installation guide for detailed steps on setting up UTMStack on your chosen operating system.

Ensuring that your system meets these requirements will help guarantee the stability, efficiency, and reliable operation of UTMStack.

If you have any further questions or need additional assistance, please don’t hesitate to reach out.

Federated Server (UTMStackFSInstaller)

Recommendations for Operating System:

Ubuntu 22.04 LTS.

Resources for Master:

Recommendation Cores RAM Disk Space
Minimum Required (non-prod) 2 4 GB 20 GB
Recommended (prod) 4 8 GB 20 GB
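Review bot: the only change in this hunk is the 50-source tier RAM going from 8 GB to 12 GB, but the surrounding page still disagrees with itself. The assumption line says "60 data sources (devices) roughly produce 100 GB of data monthly" while the table's first row is "50 (100 GB)"; align the two. "Supported Operating Systems" lists only Ubuntu 22.04 LTS yet says "use one of these supported operating systems". The opening sentence promises specifications for "both Master and Probe/Proxy servers" but no Probe/Proxy table follows, and the Federated Server block is headed "Resources for Master:" although it tabulates the federated server. The RAM increase should also be carried into the Installation README in this same patch, which still says 8 GB for each 50 devices.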
diff --git a/_site/QuickStart.html b/_site/QuickStart.html index ce2f1f3..526e66a 100644 --- a/_site/QuickStart.html +++ b/_site/QuickStart.html @@ -1,4 +1,4 @@ - Quick Start | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Quick Start Guide

Getting started with UTMStack is straightforward. Follow this 3-step process:

  1. Installation: Deploy UTMStack on your Master Server.
  2. Initial Configuration: Set up essential settings, including SSL and email configurations.
  3. DataSource Setup: Configure a Windows Agent as a data source.

1. Install UTMStack

Before you begin, ensure your system meets the minimum requirements: 4 cores, 12 GB of RAM, and 150 GB of disk storage to monitor up to 50 devices.

Deploy the UTMStack Master Server, which oversees security operations and data collection.

Procedure:

Use the UTMStack installer for Ubuntu Linux 22.04 LTS.

  • Download and Prepare:
      sudo apt update
    +          Quick Start | Documentation                Skip to main content   Link      Menu      Expand       (external link)    Document      Search       Copy       Copied        

    Quick Start Guide

    Getting started with UTMStack is straightforward. Follow this 3-step process:

    1. Installation: Deploy UTMStack on your Master Server.
    2. Initial Configuration: Set up essential settings, including SSL and email configurations.
    3. DataSource Setup: Configure a Windows Agent as a data source.

    1. Install UTMStack

    Before you begin, ensure your system meets the minimum requirements: 4 cores, 12 GB of RAM, and 150 GB of disk storage to monitor up to 50 devices.

    Deploy the UTMStack Master Server, which oversees security operations and data collection.

    Procedure:

    Use the UTMStack installer for Ubuntu Linux 22.04 LTS.

    • Download and Prepare:
        sudo apt update
         sudo apt install wget
         wget http://github.com/utmstack/UTMStack/releases/latest/download/installer
         sudo su
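Review bot: the context line "wget http://github.com/utmstack/UTMStack/releases/latest/download/installer" fetches the installer over plain HTTP; GitHub redirects to HTTPS, but the first request and the redirect itself travel in cleartext, so the URL should be https:// from the start. Because the next step is "sudo su" and the downloaded binary is then run as root, the guide should publish a checksum or signature for the installer and show the verification command before the execution step, so a reader can confirm what they downloaded is what the project released.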
      diff --git a/_site/UTMStackComponents/Compliance/README.html b/_site/UTMStackComponents/Compliance/README.html
      index 60fd494..3b54b47 100644
      --- a/_site/UTMStackComponents/Compliance/README.html
      +++ b/_site/UTMStackComponents/Compliance/README.html
      @@ -1 +1 @@
      -          Compliance Management | Documentation                Skip to main content   Link      Menu      Expand       (external link)    Document      Search       Copy       Copied        

      Compliance Management

      Welcome to our in-depth guide on the Compliance Management module, a key feature of our cybersecurity software platform. This module aids organizations in achieving and maintaining compliance across various industry-specific regulations. By accommodating a multitude of standards, our Compliance Management module provides a holistic view of your organization’s regulatory compliance status.

      vm settings

      Each standard is categorized. By default, the categories available are:

      • Account Management
      • Device Activity
      • Application Audit
      • Alerts and Incidents

      Each standard has its dedicated section.

      For example, if you wish to monitor the Office 365 Account Activity regarding successful logins, you can navigate to the relevant category. Upon selecting it, you’ll receive a detailed description of the report and the compliance standards it addresses.

      vm settings

      Supported Compliance Standards

      Our module supports several critical compliance standards, ensuring that your organization stays compliant in various sectors:

      1. Health Insurance Portability and Accountability Act (HIPAA)

      HIPAA is a U.S. federal law that sets national standards to protect sensitive patient health information from unauthorized disclosure. The HIPAA section within the Compliance Management module incorporates reports specifically designed to monitor compliance with critical HIPAA provisions, such as sections §164.308(a)(1)(ii)(A)(D), §164.312(b), and others. Each report aims to facilitate the implementation of policies and procedures to detect and manage security violations effectively.

      2. General Data Protection Regulation (GDPR)

      GDPR is a comprehensive data protection law in the European Union (EU), which regulates the processing of personal data. The software offers pre-configured reports to ensure that your data processing operations adhere to GDPR’s core principles.

      3. Gramm-Leach-Bliley Act (GLBA)

      GLBA, also known as the Financial Modernization Act of 1999, controls how financial institutions handle the private information of individuals. The GLBA section in the module contains reports tailored to key GLBA provisions, assisting you in maintaining GLBA compliance.

      4. System and Organization Controls 2 (SOC 2)

      SOC 2 report focuses on a business’s non-financial reporting controls relating to security, availability, processing integrity, confidentiality, and privacy of a system. The software provides essential reports aligned with the Control Criteria (CC) of SOC 2 to facilitate the achievement and maintenance of SOC 2 compliance.

      5. Federal Information Security Management Act (FISMA)

      FISMA is a U.S. federal law that mandates federal agencies to develop, document, and implement an information security and protection program. The module provides pre-defined reports monitoring compliance with FISMA’s crucial sections.

      6. Cybersecurity Maturity Model Certification (CMMC)

      CMMC certification is a requirement for businesses bidding on U.S. Government contracts. The CMMC section within the module provides reports specifically designed to monitor compliance with different CMMC Levels.

      7. Payment Card Industry Data Security Standard (PCI-DSS)

      PCI-DSS is a set of standards for managing and securing credit card-related personal data. The PCI-DSS section in the Compliance Management module provides reports aligned with specific PCI requirements, ensuring that your credit card data processing activities remain within the bounds of PCI-DSS standards.

      Export a Report

      Upon accessing the Platform Menu, you’ll find the Compliance submenu. Here, you can choose to either create a new compliance report or delve into various compliance standard dashboards.

      vm settings

      By selecting a standard, you’ll be directed to the Compliance Template Section. This is where you decide which report to export.

      Compliance Template

      Upon clicking on a report, you’ll be presented with an overview, options to modify the date range, and the capability to generate a PDF using a professionally designed template available on the platform.

      Report Options Report Template

      Comprehensive Compliance Management

      Beyond the features described above, the Compliance Management Dashboard—located in the application management section—grants complete control over compliance standards. You’re equipped to edit, remove, or append sections and reports to meet specific needs.

      Dashboard

      Add Standard

      Understanding that each organization has unique compliance requisites, our module is engineered for flexibility. It allows the addition of new compliance standards aligning with specific business needs.

      To introduce a new standard, proceed to the Compliance Management section. Here, the ‘Add Standard’ button will guide you through a straightforward interface for detailing the new standard.

      New Standard

      Adding Reports

      We appreciate the importance of detailed reporting for each compliance standard. Our module thus empowers you to supplement new reports to an existing compliance standard.

      To do this, pick the preferred standard and section to which the report should belong. Next, select from a list of existing report dashboards to incorporate into your chosen compliance segment. This ensures thorough coverage of all regulatory facets.

      Create Compliance Report Create Report

      Import/Export

      Acknowledging the need for system interoperability, the Compliance Management module boasts a robust import/export function. This tool aids in the proficient handling and transfer of compliance data.

      To export the prevailing compliance information, a comprehensive JSON file is produced, encapsulating all essentials of your standards, sections, and reports. By utilizing the ‘Export All’ button, a complete portrayal of your compliance configuration is readily compiled, ensuring data integrity.

      For importing, should there be a necessity to infuse the module with compliance data from an alternative system, the ‘Import All’ button facilitates this. Simply upload the corresponding JSON file, and the module will fluidly merge the data, aligning with your prior system’s setup.

      Import/Export Options

      + Compliance Management | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Compliance Management

      Welcome to our in-depth guide on the Compliance Management module, a key feature of our cybersecurity software platform. This module aids organizations in achieving and maintaining compliance across various industry-specific regulations. By accommodating a multitude of standards, our Compliance Management module provides a holistic view of your organization’s regulatory compliance status.

      vm settings

      Each standard is categorized. By default, the categories available are:

      • Account Management
      • Device Activity
      • Application Audit
      • Alerts and Incidents

      Each standard has its dedicated section.

      For example, if you wish to monitor the Office 365 Account Activity regarding successful logins, you can navigate to the relevant category. Upon selecting it, you’ll receive a detailed description of the report and the compliance standards it addresses.

      vm settings

      Supported Compliance Standards

      Our module supports several critical compliance standards, ensuring that your organization stays compliant in various sectors:

      1. Health Insurance Portability and Accountability Act (HIPAA)

      HIPAA is a U.S. federal law that sets national standards to protect sensitive patient health information from unauthorized disclosure. The HIPAA section within the Compliance Management module incorporates reports specifically designed to monitor compliance with critical HIPAA provisions, such as sections §164.308(a)(1)(ii)(A)(D), §164.312(b), and others. Each report aims to facilitate the implementation of policies and procedures to detect and manage security violations effectively.

      2. General Data Protection Regulation (GDPR)

      GDPR is a comprehensive data protection law in the European Union (EU), which regulates the processing of personal data. The software offers pre-configured reports to ensure that your data processing operations adhere to GDPR’s core principles.

      3. Gramm-Leach-Bliley Act (GLBA)

      GLBA, also known as the Financial Modernization Act of 1999, controls how financial institutions handle the private information of individuals. The GLBA section in the module contains reports tailored to key GLBA provisions, assisting you in maintaining GLBA compliance.

      4. System and Organization Controls 2 (SOC 2)

      SOC 2 report focuses on a business’s non-financial reporting controls relating to security, availability, processing integrity, confidentiality, and privacy of a system. The software provides essential reports aligned with the Control Criteria (CC) of SOC 2 to facilitate the achievement and maintenance of SOC 2 compliance.

      5. Federal Information Security Management Act (FISMA)

      FISMA is a U.S. federal law that mandates federal agencies to develop, document, and implement an information security and protection program. The module provides pre-defined reports monitoring compliance with FISMA’s crucial sections.

      6. Cybersecurity Maturity Model Certification (CMMC)

      CMMC certification is a requirement for businesses bidding on U.S. Government contracts. The CMMC section within the module provides reports specifically designed to monitor compliance with different CMMC Levels.

      7. Payment Card Industry Data Security Standard (PCI-DSS)

      PCI-DSS is a set of standards for managing and securing credit card-related personal data. The PCI-DSS section in the Compliance Management module provides reports aligned with specific PCI requirements, ensuring that your credit card data processing activities remain within the bounds of PCI-DSS standards.

      Export a Report

      Upon accessing the Platform Menu, you’ll find the Compliance submenu. Here, you can choose to either create a new compliance report or delve into various compliance standard dashboards.

      vm settings

      By selecting a standard, you’ll be directed to the Compliance Template Section. This is where you decide which report to export.

      Compliance Template

      Upon clicking on a report, you’ll be presented with an overview, options to modify the date range, and the capability to generate a PDF using a professionally designed template available on the platform.

      Report Options Report Template

      Comprehensive Compliance Management

      Beyond the features described above, the Compliance Management Dashboard—located in the application management section—grants complete control over compliance standards. You’re equipped to edit, remove, or append sections and reports to meet specific needs.

      Dashboard

      Add Standard

      Understanding that each organization has unique compliance requisites, our module is engineered for flexibility. It allows the addition of new compliance standards aligning with specific business needs.

      To introduce a new standard, proceed to the Compliance Management section. Here, the ‘Add Standard’ button will guide you through a straightforward interface for detailing the new standard.

      New Standard

      Adding Reports

      We appreciate the importance of detailed reporting for each compliance standard. Our module thus empowers you to supplement new reports to an existing compliance standard.

      To do this, pick the preferred standard and section to which the report should belong. Next, select from a list of existing report dashboards to incorporate into your chosen compliance segment. This ensures thorough coverage of all regulatory facets.

      Create Compliance Report Create Report

      Import/Export

      Acknowledging the need for system interoperability, the Compliance Management module boasts a robust import/export function. This tool aids in the proficient handling and transfer of compliance data.

      To export the prevailing compliance information, a comprehensive JSON file is produced, encapsulating all essentials of your standards, sections, and reports. By utilizing the ‘Export All’ button, a complete portrayal of your compliance configuration is readily compiled, ensuring data integrity.

      For importing, should there be a necessity to infuse the module with compliance data from an alternative system, the ‘Import All’ button facilitates this. Simply upload the corresponding JSON file, and the module will fluidly merge the data, aligning with your prior system’s setup.

      Import/Export Options
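Review bot: the `-` and `+` copies of this page read identically, so confirm the change is whitespace-only. Two documentation points worth fixing while here: the HIPAA citation "§164.308(a)(1)(ii)(A)(D)" concatenates two paragraph letters; 45 CFR 164.308(a)(1)(ii) has separate paragraphs (A) through (D), so write "§164.308(a)(1)(ii)(A) through (D)" or list the ones the reports actually cover. And the Import/Export section says "Import All" will "fluidly merge the data" with the prior setup; state precisely whether an import overwrites standards, sections and reports that share identifiers or adds alongside them, and whether the uploaded JSON is validated before being applied, since an operator restoring compliance configuration needs to know what will be replaced.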

      diff --git a/_site/UTMStackComponents/Configuration/ApplicationSetting.html b/_site/UTMStackComponents/Configuration/ApplicationSetting.html index e798078..1939e01 100644 --- a/_site/UTMStackComponents/Configuration/ApplicationSetting.html +++ b/_site/UTMStackComponents/Configuration/ApplicationSetting.html @@ -1 +1 @@ - Application Settings | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      APPLICATION SETTINGS

      UTMStack offers a comprehensive configuration module where administrators can adjust various settings to customize the application according to their organizational preferences. Here’s a detailed breakdown:

      SMS Notifications using Twilio

      UTMStack has integrated with Twilio, a renowned cloud communications platform, to facilitate SMS notifications. To ensure timely and accurate SMS delivery, it’s crucial to configure the following parameters:

      • Twilio Authentication Token: This secret token is used to authenticate your Twilio account. Ensure you enter the correct token to maintain seamless communication.

      • Twilio Account SID: Your unique Twilio Account identifier. It’s crucial for distinguishing and authorizing your Twilio account.

      • Twilio Virtual Phone Number: This is the dedicated phone number from which SMS notifications will be sent. It must be procured from your Twilio dashboard.

      Email Notifications

      Configure the email settings to send emails notifications for the alerts and incidents:

      • Mail Server Password: The password for your email server to authenticate and send out notifications.

      • UTMStack email address: The official UTMStack email address that will be used to send out notifications.

      • UTMStack base url: For example: https://UTMStack.UTMStack.com.

      • Mail Server Host: For example: example.hostmail.com.

      • Mail Server Port: Typically, the port can be 587.

      • Mail Server Username: The username for your email server.

      • Encryption type: Choose the encryption protocol for your email server. Options include:

        • TLS
        • SSL
        • NONE

      Two Factor Authentication (2FA)

      2FA is a security mechanism where users must provide two separate verification methods to access an account or application. This feature enhances the application’s security:

      • Enable Two Factor Authentication: Toggle this option to enable or disable 2FA for user access.

      Alerts Configuration

      Define settings for alert and incident notifications:

      • Emails to notify incidents: List down the email addresses that should receive incident notifications.

      • Emails to notify alerts: Specify the email addresses that should receive alert notifications.

      Date Settings

      Set your default time zone and date format preferences:

      • Time Zone: Choose the time zone in which you want to view the logs. By default, logs are stored in UTC.

      • Date Format: Choose your preferred date format, such as Medium.

      + Application Settings | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      APPLICATION SETTINGS

      UTMStack offers a comprehensive configuration module where administrators can adjust various settings to customize the application according to their organizational preferences. Here’s a detailed breakdown:

      SMS Notifications using Twilio

      UTMStack has integrated with Twilio, a renowned cloud communications platform, to facilitate SMS notifications. To ensure timely and accurate SMS delivery, it’s crucial to configure the following parameters:

      • Twilio Authentication Token: This secret token is used to authenticate your Twilio account. Ensure you enter the correct token to maintain seamless communication.

      • Twilio Account SID: Your unique Twilio Account identifier. It’s crucial for distinguishing and authorizing your Twilio account.

      • Twilio Virtual Phone Number: This is the dedicated phone number from which SMS notifications will be sent. It must be procured from your Twilio dashboard.

      Email Notifications

      Configure the email settings to send emails notifications for the alerts and incidents:

      • Mail Server Password: The password for your email server to authenticate and send out notifications.

      • UTMStack email address: The official UTMStack email address that will be used to send out notifications.

      • UTMStack base url: For example: https://UTMStack.UTMStack.com.

      • Mail Server Host: For example: example.hostmail.com.

      • Mail Server Port: Typically, the port can be 587.

      • Mail Server Username: The username for your email server.

      • Encryption type: Choose the encryption protocol for your email server. Options include:

        • TLS
        • SSL
        • NONE

      Two Factor Authentication (2FA)

      2FA is a security mechanism where users must provide two separate verification methods to access an account or application. This feature enhances the application’s security:

      • Enable Two Factor Authentication: Toggle this option to enable or disable 2FA for user access.

      Alerts Configuration

      Define settings for alert and incident notifications:

      • Emails to notify incidents: List down the email addresses that should receive incident notifications.

      • Emails to notify alerts: Specify the email addresses that should receive alert notifications.

      Date Settings

      Set your default time zone and date format preferences:

      • Time Zone: Choose the time zone in which you want to view the logs. By default, logs are stored in UTC.

      • Date Format: Choose your preferred date format, such as Medium.

      diff --git a/_site/UTMStackComponents/Configuration/README.html b/_site/UTMStackComponents/Configuration/README.html index b96be4c..0bfce3f 100644 --- a/_site/UTMStackComponents/Configuration/README.html +++ b/_site/UTMStackComponents/Configuration/README.html @@ -1 +1 @@ - Configuration | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Configuration

      This section will guide you through various configuration options available within UTMStack, ensuring you optimize the platform according to your organizational needs.

      ##Application Settings

      Go to Application Settings Section for more details

      Custom Logos and Report Covers

      Customize UTMStack’s appearance to align with your organization’s branding.

      Configuring Custom Logos

      Data Sources Overview

      1. Navigate to Settings > Application Theme.
      2. Upload your desired logo for the Header, Login, Report and Report Cover.
      3. Save your settings.

      Table of contents

      + Configuration | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Configuration

      This section will guide you through various configuration options available within UTMStack, ensuring you optimize the platform according to your organizational needs.

      ##Application Settings

      Go to Application Settings Section for more details

      Custom Logos and Report Covers

      Customize UTMStack’s appearance to align with your organization’s branding.

      Configuring Custom Logos

      Data Sources Overview

      1. Navigate to Settings > Application Theme.
      2. Upload your desired logo for the Header, Login, Report and Report Cover.
      3. Save your settings.

      Table of contents

      diff --git a/_site/UTMStackComponents/Dashboards/Charts/Goal.html b/_site/UTMStackComponents/Dashboards/Charts/Goal.html index 0a63204..fcf4a0d 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/Goal.html +++ b/_site/UTMStackComponents/Dashboards/Charts/Goal.html @@ -1 +1 @@ - Goal | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Goal Chart

      dashobard view

      A Goal chart is a visualization tool used to represent progress towards a specific target or goal. It’s a powerful way to show progress and motivate performance. UTMStack offers a Goal chart with customizable options to suit your specific requirements.

      Here are the options that you can configure while creating a Goal chart:

      • Color: You can select the color of the goal chart.
      • Goal Type: Choose the type of Goal chart. You have the option to choose ‘semi’,’arch’ or ‘full’.
      • LineBar style: Choose the style for the LineBar in the Goal chart. You can select ‘round’ or ‘butt’.
      • Min: This is the starting point or minimum value of your goal.
      • Goal: This is the target or the goal you aim to reach.
      • LineBar width: Adjust the width of the LineBar.
      • Formatter: This option allows you to choose how the value is represented. If you want the value to be represented as a percentage, you can select ‘%’.
      • Animate on load?: This option allows you to decide if you want the chart to animate when it loads.
      • Decimal: Adjust the number of decimal places you want to display in your Goal chart.

      dashobard view

      These options offer a high degree of flexibility and can be adjusted to create a Goal chart that aligns with your specific needs.

      + Goal | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Goal Chart

      dashobard view

      A Goal chart is a visualization tool used to represent progress towards a specific target or goal. It’s a powerful way to show progress and motivate performance. UTMStack offers a Goal chart with customizable options to suit your specific requirements.

      Here are the options that you can configure while creating a Goal chart:

      • Color: You can select the color of the goal chart.
      • Goal Type: Choose the type of Goal chart. You have the option to choose ‘semi’,’arch’ or ‘full’.
      • LineBar style: Choose the style for the LineBar in the Goal chart. You can select ‘round’ or ‘butt’.
      • Min: This is the starting point or minimum value of your goal.
      • Goal: This is the target or the goal you aim to reach.
      • LineBar width: Adjust the width of the LineBar.
      • Formatter: This option allows you to choose how the value is represented. If you want the value to be represented as a percentage, you can select ‘%’.
      • Animate on load?: This option allows you to decide if you want the chart to animate when it loads.
      • Decimal: Adjust the number of decimal places you want to display in your Goal chart.

      dashobard view

      These options offer a high degree of flexibility and can be adjusted to create a Goal chart that aligns with your specific needs.

      diff --git a/_site/UTMStackComponents/Dashboards/Charts/HeatMap.html b/_site/UTMStackComponents/Dashboards/Charts/HeatMap.html index f9a8dae..8731bbb 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/HeatMap.html +++ b/_site/UTMStackComponents/Dashboards/Charts/HeatMap.html @@ -1 +1 @@ - Heat Map | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Heat Map

      Heat Map is a type of chart that represents data in a two-dimensional format, with colors representing values. The color intensity of the cells in the map corresponds to the data values they represent, allowing you to easily spot trends and patterns in your data. Heat Maps are especially effective for displaying large amounts of data that vary in scale and range.

      dashobard view

      Chart Customization Options

      In UTMStack’s visualization editor, various aspects of your chart can be personalized to meet specific needs. The following sections explain the settings available under the Options tab when creating these chart.

      yAxis

      dashobard view

      • Name: Provide a name for the Y-axis.
      • Axis Type: Specify the type of data on the Y-axis, typically ‘value’.
      • Axis Label Color: Customize the color of the axis labels.
      • Axis Label Formatter: Format the axis label. Its support string template. Default is {value}.
      • Axis Line Color: Customize the color of the axis line.
      • Show Split Line?: Option to show/hide split lines.
      • Axis Split Line Color: Customize the color of the split lines.
      • Split Line Type: Choose the style of the split lines (e.g., ‘dashed’).

      xAxis

      This section has the same configuration options as the yAxis, but applied to the X-axis.

      Legend

      dashobard view

      • Show Legend?: Option to display/hide the legend.
      • Legend Vertical Position: Choose the vertical position of the legend (e.g., ‘bottom’).
      • Legend Horizontal Position: Choose the horizontal position of the legend (e.g., ‘center’).
      • Legend Orientation: Choose the orientation of the legend (e.g., ‘horizontal’).
      • Color Width/Height: Adjust the size of the color boxes in the legend.
      • Use Custom Icon for Legend?: Option to use a custom icon in the legend.
      • Legend Icon: Choose the shape of the legend icons (e.g., ‘roundRect’).

      Toolbox

      dashobard view

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Magic Type Feature?: Option to enable/disable magic type features.
      • Magic Feature: Enable magic types to switch between different chart types.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Colors

      Adjust the color sequence for your chart data series.

      Grid

      • Top/Left/Right/Bottom: Adjust the chart margins.

      DataZoom

      dashobard view

      • Show Data Zoom?: Option to enable/disable the data zoom feature.
      • Legend Orientation: Choose the orientation of the data zoom (e.g., ‘horizontal’).
      • Start/End: Set the initial view of the data in percentage.
      • Height/Width: Adjust the size of the data zoom control.
      • Top/Left/Right/Bottom: Adjust the margins for the data zoom control.

      Example: Creating a Heat Map for Incident Categories

      If you aim to create a Heat Map visualization that provides an insight into the count of various alertd categories in your alerts index, follow these steps:

      Step 1: Select Metric Aggregation You’ll start with defining your metric aggregation. For this case, you’re counting the number of alerts in each category, so select the ‘Count’ aggregation.

      Step 2: Configure Bucket Aggregation Next, define your bucket aggregation. Here, you will use the ‘Terms’ aggregation on the ‘alert.category.keyword’ field. This organizes your alerts data into different categories.

      dashobard view

      Step 3: Adjust Scale and Color Range Now it’s time to choose a suitable color scale. For clarity, you might want to use a ‘Sequential’ color scale, which assigns cooler colors to lower alert counts and warmer colors to higher alert counts. Remember, the goal is to allow for easy visual differentiation between high and low incident counts.

      Step 5: Generate Your Visualization After all these settings are done, click on ‘Run’. This will generate your Heat Map, where you can identify the most frequent incident categories in your alert index at a glance.

      By using this Heat Map, you can promptly pinpoint which categories of alerts are more common, enabling you to focus your resources and attention more effectively.

      dashobard view

      + Heat Map | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Heat Map

      Heat Map is a type of chart that represents data in a two-dimensional format, with colors representing values. The color intensity of the cells in the map corresponds to the data values they represent, allowing you to easily spot trends and patterns in your data. Heat Maps are especially effective for displaying large amounts of data that vary in scale and range.

      dashobard view

      Chart Customization Options

      In UTMStack’s visualization editor, various aspects of your chart can be personalized to meet specific needs. The following sections explain the settings available under the Options tab when creating these chart.

      yAxis

      dashobard view

      • Name: Provide a name for the Y-axis.
      • Axis Type: Specify the type of data on the Y-axis, typically ‘value’.
      • Axis Label Color: Customize the color of the axis labels.
      • Axis Label Formatter: Format the axis label. Its support string template. Default is {value}.
      • Axis Line Color: Customize the color of the axis line.
      • Show Split Line?: Option to show/hide split lines.
      • Axis Split Line Color: Customize the color of the split lines.
      • Split Line Type: Choose the style of the split lines (e.g., ‘dashed’).

      xAxis

      This section has the same configuration options as the yAxis, but applied to the X-axis.

      Legend

      dashobard view

      • Show Legend?: Option to display/hide the legend.
      • Legend Vertical Position: Choose the vertical position of the legend (e.g., ‘bottom’).
      • Legend Horizontal Position: Choose the horizontal position of the legend (e.g., ‘center’).
      • Legend Orientation: Choose the orientation of the legend (e.g., ‘horizontal’).
      • Color Width/Height: Adjust the size of the color boxes in the legend.
      • Use Custom Icon for Legend?: Option to use a custom icon in the legend.
      • Legend Icon: Choose the shape of the legend icons (e.g., ‘roundRect’).

      Toolbox

      dashobard view

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Magic Type Feature?: Option to enable/disable magic type features.
      • Magic Feature: Enable magic types to switch between different chart types.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Colors

      Adjust the color sequence for your chart data series.

      Grid

      • Top/Left/Right/Bottom: Adjust the chart margins.

      DataZoom

      dashobard view

      • Show Data Zoom?: Option to enable/disable the data zoom feature.
      • Legend Orientation: Choose the orientation of the data zoom (e.g., ‘horizontal’).
      • Start/End: Set the initial view of the data in percentage.
      • Height/Width: Adjust the size of the data zoom control.
      • Top/Left/Right/Bottom: Adjust the margins for the data zoom control.

      Example: Creating a Heat Map for Incident Categories

      If you aim to create a Heat Map visualization that provides an insight into the count of various alertd categories in your alerts index, follow these steps:

      Step 1: Select Metric Aggregation You’ll start with defining your metric aggregation. For this case, you’re counting the number of alerts in each category, so select the ‘Count’ aggregation.

      Step 2: Configure Bucket Aggregation Next, define your bucket aggregation. Here, you will use the ‘Terms’ aggregation on the ‘alert.category.keyword’ field. This organizes your alerts data into different categories.

      dashobard view

      Step 3: Adjust Scale and Color Range Now it’s time to choose a suitable color scale. For clarity, you might want to use a ‘Sequential’ color scale, which assigns cooler colors to lower alert counts and warmer colors to higher alert counts. Remember, the goal is to allow for easy visual differentiation between high and low incident counts.

      Step 5: Generate Your Visualization After all these settings are done, click on ‘Run’. This will generate your Heat Map, where you can identify the most frequent incident categories in your alert index at a glance.

      By using this Heat Map, you can promptly pinpoint which categories of alerts are more common, enabling you to focus your resources and attention more effectively.

      dashobard view

      diff --git a/_site/UTMStackComponents/Dashboards/Charts/Line.html b/_site/UTMStackComponents/Dashboards/Charts/Line.html index 4b04a66..f12c36b 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/Line.html +++ b/_site/UTMStackComponents/Dashboards/Charts/Line.html @@ -1 +1 @@ - Line, Area LineBar, Bar and Bar Horizontal charts | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Line, Area LineBar, Bar and Bar Horizontal charts

      dashobard view

      UTMStack provides a versatile set of charting options to visually represent your data, including Line, Area, Bar, and others. These charts are excellent for displaying data trends over time, mapping data on an X/Y axis, and highlighting changes in values between different data points.

      Chart Customization Options

      In UTMStack’s visualization editor, various aspects of your chart can be personalized to meet specific needs. The following sections explain the settings available under the Options tab when creating these charts.

      Series

      dashobard view

      • Type: Change the chart type, such as to a bar chart.
      • Mark Point: Mark specific points on the line for emphasis. The configuration includes:
        • Symbol: Define the symbol used to mark the point. For instance, you could choose ‘pin’ to represent marked points as pin symbols.
        • Symbol Size: Adjust the size of the symbol used to mark the point.
        • Font Size: Determine the size of the font used in the mark point.
        • Type: Set the type of mark point, options include ‘min’, ‘max’, or ‘avg’.
        • Name: Provide a custom name for the mark point. This name will be displayed in tooltips and legends when hovering over the point or when it’s included in the legend.
      • Mark Line: Similarly to Mark Point, you can also highlight a specific line for emphasis.

      yAxis

      dashobard view

      • Name: Provide a name for the Y-axis.
      • Axis Type: Specify the type of data on the Y-axis, typically ‘value’.
      • Axis Label Color: Customize the color of the axis labels.
      • Axis Label Formatter: Format the axis label. Its support string template. Default is {value}.
      • Axis Line Color: Customize the color of the axis line.
      • Show Split Line?: Option to show/hide split lines.
      • Axis Split Line Color: Customize the color of the split lines.
      • Split Line Type: Choose the style of the split lines (e.g., ‘dashed’).

      xAxis

      This section has the same configuration options as the yAxis, but applied to the X-axis.

      Legend

      dashobard view

      • Show Legend?: Option to display/hide the legend.
      • Legend Vertical Position: Choose the vertical position of the legend (e.g., ‘bottom’).
      • Legend Horizontal Position: Choose the horizontal position of the legend (e.g., ‘center’).
      • Legend Orientation: Choose the orientation of the legend (e.g., ‘horizontal’).
      • Color Width/Height: Adjust the size of the color boxes in the legend.
      • Use Custom Icon for Legend?: Option to use a custom icon in the legend.
      • Legend Icon: Choose the shape of the legend icons (e.g., ‘roundRect’).

      Toolbox

      dashobard view

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Magic Type Feature?: Option to enable/disable magic type features.
      • Magic Feature: Enable magic types to switch between different chart types.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Colors

      Adjust the color sequence for your chart data series.

      Grid

      • Top/Left/Right/Bottom: Adjust the chart margins.

      DataZoom

      dashobard view

      • Show Data Zoom?: Option to enable/disable the data zoom feature.
      • Legend Orientation: Choose the orientation of the data zoom (e.g., ‘horizontal’).
      • Start/End: Set the initial view of the data in percentage.
      • Height/Width: Adjust the size of the data zoom control.
      • Top/Left/Right/Bottom: Adjust the margins for the data zoom control.

      These settings allow you to create a more engaging and informative visualization tailored to your specific needs.

      dashobard view

      + Line, Area LineBar, Bar and Bar Horizontal charts | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Line, Area LineBar, Bar and Bar Horizontal charts

      dashobard view

      UTMStack provides a versatile set of charting options to visually represent your data, including Line, Area, Bar, and others. These charts are excellent for displaying data trends over time, mapping data on an X/Y axis, and highlighting changes in values between different data points.

      Chart Customization Options

      In UTMStack’s visualization editor, various aspects of your chart can be personalized to meet specific needs. The following sections explain the settings available under the Options tab when creating these charts.

      Series

      dashobard view

      • Type: Change the chart type, such as to a bar chart.
      • Mark Point: Mark specific points on the line for emphasis. The configuration includes:
        • Symbol: Define the symbol used to mark the point. For instance, you could choose ‘pin’ to represent marked points as pin symbols.
        • Symbol Size: Adjust the size of the symbol used to mark the point.
        • Font Size: Determine the size of the font used in the mark point.
        • Type: Set the type of mark point, options include ‘min’, ‘max’, or ‘avg’.
        • Name: Provide a custom name for the mark point. This name will be displayed in tooltips and legends when hovering over the point or when it’s included in the legend.
      • Mark Line: Similarly to Mark Point, you can also highlight a specific line for emphasis.

      yAxis

      dashobard view

      • Name: Provide a name for the Y-axis.
      • Axis Type: Specify the type of data on the Y-axis, typically ‘value’.
      • Axis Label Color: Customize the color of the axis labels.
      • Axis Label Formatter: Format the axis label. Its support string template. Default is {value}.
      • Axis Line Color: Customize the color of the axis line.
      • Show Split Line?: Option to show/hide split lines.
      • Axis Split Line Color: Customize the color of the split lines.
      • Split Line Type: Choose the style of the split lines (e.g., ‘dashed’).

      xAxis

      This section has the same configuration options as the yAxis, but applied to the X-axis.

      Legend

      dashobard view

      • Show Legend?: Option to display/hide the legend.
      • Legend Vertical Position: Choose the vertical position of the legend (e.g., ‘bottom’).
      • Legend Horizontal Position: Choose the horizontal position of the legend (e.g., ‘center’).
      • Legend Orientation: Choose the orientation of the legend (e.g., ‘horizontal’).
      • Color Width/Height: Adjust the size of the color boxes in the legend.
      • Use Custom Icon for Legend?: Option to use a custom icon in the legend.
      • Legend Icon: Choose the shape of the legend icons (e.g., ‘roundRect’).

      Toolbox

      dashobard view

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Magic Type Feature?: Option to enable/disable magic type features.
      • Magic Feature: Enable magic types to switch between different chart types.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Colors

      Adjust the color sequence for your chart data series.

      Grid

      • Top/Left/Right/Bottom: Adjust the chart margins.

      DataZoom

      dashobard view

      • Show Data Zoom?: Option to enable/disable the data zoom feature.
      • Legend Orientation: Choose the orientation of the data zoom (e.g., ‘horizontal’).
      • Start/End: Set the initial view of the data in percentage.
      • Height/Width: Adjust the size of the data zoom control.
      • Top/Left/Right/Bottom: Adjust the margins for the data zoom control.

      These settings allow you to create a more engaging and informative visualization tailored to your specific needs.

      dashobard view

      diff --git a/_site/UTMStackComponents/Dashboards/Charts/List.html b/_site/UTMStackComponents/Dashboards/Charts/List.html index 586e4d6..676ff3f 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/List.html +++ b/_site/UTMStackComponents/Dashboards/Charts/List.html @@ -1 +1 @@ - List | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      List Chart

      List charts provide a way to display your data in a tabular form, offering an easy-to-read structure. This makes it perfect for detailed views of individual records.

      List Chart

      List charts come in handy when you need to compare individual data points, highlight specific data, or when details for each data point are essential. Moreover, they offer an excellent way to visualize nominal and small range ordinal variables.

      Options

      When creating a list chart with UTMStack’s visualization editor, you can customize several features to better present your data. Here are some available options under the Options tab:

      Table option

      • Dynamic page size?: This option allows the table to automatically adjust its page size based on the size of the browser window. If disabled, you will need to manually specify the number of rows per page.

      • Can it be exported to CSV?: If enabled, this option allows users to download the table data as a CSV file.

      Columns

      In the Data tab, you can define the structure and the content of your list by specifying the fields you wish to include as columns.

      • Column: Here, you can set the column’s label as it will appear in the chart.

      • Field: This option allows you to select the data field that will populate the column.

      • Custom label: You can also provide a custom label for this column. This name will be displayed in the chart.

      With these settings, you can create a detailed and informative visualization tailored to your specific needs.

      Example: Creating a List Chart for User Logon Success Details

      If you want to create a List chart that presents a detailed view of successful user logon activities in your system, follow these steps:

      Step 1: Add Filters

      Start by applying filters to narrow down your dataset to only include successful logon activities.

      1. Filter 1: To focus on logon activities, select the field logx.wineventlog.event_id, set the operator to is, and the value to 4624. This isolates the events specific to user logon activities.

        filter1

      2. Filter 2: To exclude unsuccessful logon attempts, use the field logx.wineventlog.event_data.FailureReasonDescription.keyword, set the operator to is not one of, and provide the values None and An Error occurred during Logon.

        filter2

      3. Filter 3: To eliminate instances where the username isn’t available, select the field logx.wineventlog.event_data.TargetUserName.keyword, set the operator to is not, and provide the value -.

        filter3

      4. Filter 4: To avoid including system-generated logon activities, use the field logx.wineventlog.event_data.TargetUserName, set the operator to does not end with, and provide the value $.

        filter4

      Step 2: Select Columns

      Once your filters are set, go to the Data tab and specify the columns for your list.

      1. Username: To include a ‘Username’ column that shows the username for each logon event, click ‘Add Column’, select the field logx.wineventlog.event_data.TargetUserName.keyword, and set the custom label to ‘Username’.

        username

      2. Computer: To include a ‘Computer’ column that displays the host machine name for each logon event, click ‘Add Column’, select the field logx.wineventlog.beat.hostname.keyword, and set the custom label to ‘Computer’.

        computer

      3. Date: To include a ‘Date’ column showing the timestamp of each logon event, click ‘Add Column’, select the field @timestamp, and set the custom label to ‘Date’.

        date

      These steps will help you create a List chart that provides a detailed view of successful user logon activities in your system.

      List Chart

      + List | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      List Chart

      List charts provide a way to display your data in a tabular form, offering an easy-to-read structure. This makes it perfect for detailed views of individual records.

      List Chart

      List charts come in handy when you need to compare individual data points, highlight specific data, or when details for each data point are essential. Moreover, they offer an excellent way to visualize nominal and small range ordinal variables.

      Options

      When creating a list chart with UTMStack’s visualization editor, you can customize several features to better present your data. Here are some available options under the Options tab:

      Table option

      • Dynamic page size?: This option allows the table to automatically adjust its page size based on the size of the browser window. If disabled, you will need to manually specify the number of rows per page.

      • Can it be exported to CSV?: If enabled, this option allows users to download the table data as a CSV file.

      Columns

      In the Data tab, you can define the structure and the content of your list by specifying the fields you wish to include as columns.

      • Column: Here, you can set the column’s label as it will appear in the chart.

      • Field: This option allows you to select the data field that will populate the column.

      • Custom label: You can also provide a custom label for this column. This name will be displayed in the chart.

      With these settings, you can create a detailed and informative visualization tailored to your specific needs.

      Example: Creating a List Chart for User Logon Success Details

      If you want to create a List chart that presents a detailed view of successful user logon activities in your system, follow these steps:

      Step 1: Add Filters

      Start by applying filters to narrow down your dataset to only include successful logon activities.

      1. Filter 1: To focus on logon activities, select the field logx.wineventlog.event_id, set the operator to is, and the value to 4624. This isolates the events specific to user logon activities.

        filter1

      2. Filter 2: To exclude unsuccessful logon attempts, use the field logx.wineventlog.event_data.FailureReasonDescription.keyword, set the operator to is not one of, and provide the values None and An Error occurred during Logon.

        filter2

      3. Filter 3: To eliminate instances where the username isn’t available, select the field logx.wineventlog.event_data.TargetUserName.keyword, set the operator to is not, and provide the value -.

        filter3

      4. Filter 4: To avoid including system-generated logon activities, use the field logx.wineventlog.event_data.TargetUserName, set the operator to does not end with, and provide the value $.

        filter4

      Step 2: Select Columns

      Once your filters are set, go to the Data tab and specify the columns for your list.

      1. Username: To include a ‘Username’ column that shows the username for each logon event, click ‘Add Column’, select the field logx.wineventlog.event_data.TargetUserName.keyword, and set the custom label to ‘Username’.

        username

      2. Computer: To include a ‘Computer’ column that displays the host machine name for each logon event, click ‘Add Column’, select the field logx.wineventlog.beat.hostname.keyword, and set the custom label to ‘Computer’.

        computer

      3. Date: To include a ‘Date’ column showing the timestamp of each logon event, click ‘Add Column’, select the field @timestamp, and set the custom label to ‘Date’.

        date

      These steps will help you create a List chart that provides a detailed view of successful user logon activities in your system.

      List Chart
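Review bot: Filter 4 of the List example applies "does not end with" "$" to `logx.wineventlog.event_data.TargetUserName`, while Filter 3 uses the `.keyword` sub-field of the same attribute; on an analyzed text field a suffix match on "$" may not exclude machine accounts the way the text promises, so consider using `logx.wineventlog.event_data.TargetUserName.keyword` in Filter 4 as well, and say in the Markdown source why the two filters differ if the difference is intentional. Separately, the rendered text of the `-` and `+` lines of this generated `_site/UTMStackComponents/Dashboards/Charts/List.html` is identical, so whatever changed is not visible in the hunk; a sentence in the PR description stating what the regenerated site output changed (or leaving `_site/` out of the commit and building it in CI) would make the 35 `_site` hunks in this patch reviewable.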

      diff --git a/_site/UTMStackComponents/Dashboards/Charts/Metric.html b/_site/UTMStackComponents/Dashboards/Charts/Metric.html index 055908a..10b1d90 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/Metric.html +++ b/_site/UTMStackComponents/Dashboards/Charts/Metric.html @@ -1 +1 @@ - Metric | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Metric Chart

      A Metric chart is a simple, yet powerful tool for visualizing a single piece of data, often used to highlight a key performance indicator (KPI) or other significant metric in your data set.

      dashobard view

      UTMStack’s Metric chart allows you to customize the appearance of your metric to meet your specific needs. Let’s go through the configuration settings available under the Options tab when creating a Metric chart:

      Metric option

      • Select icon: This option allows you to choose an icon to represent your data. An icon can provide a visual cue that helps users understand the data more intuitively.

      • Select color: Use this option to choose the color of the icon you selected above. This can be useful for differentiating different metrics or to align the color with the data’s semantics.

      • Decimal: This option lets you choose how many decimal places your metric should be rounded to.

      In this way, you can design a Metric chart that clearly and effectively communicates the key piece of information you want to present to your users.

      Example: Creating a Metric Chart for Severity Level 2 Alerts

      Let’s say you want to create a Metric chart that displays the count of severity level 2 alerts in your system, you can follow these steps:

      Step 1: Filter the Data

      Start by applying a filter to only include the severity level 2 alerts.

      • Select the field ‘severity’.
      • Set the operator to ‘is’.
      • Specify the value as ‘2’.

      dashobard view

      This filter ensures that your Metric chart will only count the severity level 2 alerts.

      Step 2: Select the Aggregation

      Now you need to select the aggregation for your Metric chart. For this example, we will use the ‘COUNT’ aggregation. This will count the number of severity level 2 alerts.

      dashobard view

      After applying the filter and choosing the aggregation and press Run you should be able to see the count of severity level 2 alerts on your Metric chart.

      dashobard view

      + Metric | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Metric Chart

      A Metric chart is a simple, yet powerful tool for visualizing a single piece of data, often used to highlight a key performance indicator (KPI) or other significant metric in your data set.

      dashobard view

      UTMStack’s Metric chart allows you to customize the appearance of your metric to meet your specific needs. Let’s go through the configuration settings available under the Options tab when creating a Metric chart:

      Metric option

      • Select icon: This option allows you to choose an icon to represent your data. An icon can provide a visual cue that helps users understand the data more intuitively.

      • Select color: Use this option to choose the color of the icon you selected above. This can be useful for differentiating different metrics or to align the color with the data’s semantics.

      • Decimal: This option lets you choose how many decimal places your metric should be rounded to.

      In this way, you can design a Metric chart that clearly and effectively communicates the key piece of information you want to present to your users.

      Example: Creating a Metric Chart for Severity Level 2 Alerts

      Let’s say you want to create a Metric chart that displays the count of severity level 2 alerts in your system, you can follow these steps:

      Step 1: Filter the Data

      Start by applying a filter to only include the severity level 2 alerts.

      • Select the field ‘severity’.
      • Set the operator to ‘is’.
      • Specify the value as ‘2’.

      dashobard view

      This filter ensures that your Metric chart will only count the severity level 2 alerts.

      Step 2: Select the Aggregation

      Now you need to select the aggregation for your Metric chart. For this example, we will use the ‘COUNT’ aggregation. This will count the number of severity level 2 alerts.

      dashobard view

      After applying the filter and choosing the aggregation and press Run you should be able to see the count of severity level 2 alerts on your Metric chart.

      dashobard view
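Review bot: the closing sentence of the Metric example, "After applying the filter and choosing the aggregation and press Run you should be able to see the count...", is ungrammatical in both the old and the new rendering; since this file is generated, fix it in the Markdown source, e.g. "After applying the filter, choosing the aggregation and pressing Run, you should see the count of severity level 2 alerts on your Metric chart." The image alt text "dashobard view" (four occurrences in this hunk and many more across the rest of the patch) is also misspelled and should read "dashboard view" at the source.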

      diff --git a/_site/UTMStackComponents/Dashboards/Charts/Pie.html b/_site/UTMStackComponents/Dashboards/Charts/Pie.html index 108de67..29272f6 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/Pie.html +++ b/_site/UTMStackComponents/Dashboards/Charts/Pie.html @@ -1 +1 @@ - Pie | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Pie Charts

      dashobard view

      UTMStack’s visualization editor also offers the option to visualize your data in the form of a Pie chart. Pie charts are excellent for displaying the proportional breakdown of different categories within a dataset.

      Chart Customization Options

      You can personalize various aspects of your Pie chart to meet specific needs. The following sections explain the settings available under the Options tab when creating a Pie chart.

      In the Pie options, you can find the Pie chart is a donut? option. By enabling this, your Pie chart will be transformed into a Donut chart.

      Legend

      dashobard view

      • Show Legend?: Option to display/hide the legend.
      • Legend Vertical Position: Choose the vertical position of the legend (e.g., ‘bottom’).
      • Legend Horizontal Position: Choose the horizontal position of the legend (e.g., ‘center’).
      • Legend Orientation: Choose the orientation of the legend (e.g., ‘horizontal’).
      • Color Width/Height: Adjust the size of the color boxes in the legend.
      • Use Custom Icon for Legend?: Option to use a custom icon in the legend.
      • Legend Icon: Choose the shape of the legend icons (e.g., ‘roundRect’).

      Toolbox

      dashobard view

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Magic Type Feature?: Option to enable/disable magic type features.
      • Magic Feature: Enable magic types to switch between different chart types.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Colors

      Adjust the color sequence for your chart data series.

      Grid

      • Top/Left/Right/Bottom: Adjust the chart margins.

      DataZoom

      dashobard view

      • Show Data Zoom?: Option to enable/disable the data zoom feature.
      • Legend Orientation: Choose the orientation of the data zoom (e.g., ‘horizontal’).
      • Start/End: Set the initial view of the data in percentage.
      • Height/Width: Adjust the size of the data zoom control.
      • Top/Left/Right/Bottom: Adjust the margins for the data zoom control.
      + Pie | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Pie Charts

      dashobard view

      UTMStack’s visualization editor also offers the option to visualize your data in the form of a Pie chart. Pie charts are excellent for displaying the proportional breakdown of different categories within a dataset.

      Chart Customization Options

      You can personalize various aspects of your Pie chart to meet specific needs. The following sections explain the settings available under the Options tab when creating a Pie chart.

      In the Pie options, you can find the Pie chart is a donut? option. By enabling this, your Pie chart will be transformed into a Donut chart.

      Legend

      dashobard view

      • Show Legend?: Option to display/hide the legend.
      • Legend Vertical Position: Choose the vertical position of the legend (e.g., ‘bottom’).
      • Legend Horizontal Position: Choose the horizontal position of the legend (e.g., ‘center’).
      • Legend Orientation: Choose the orientation of the legend (e.g., ‘horizontal’).
      • Color Width/Height: Adjust the size of the color boxes in the legend.
      • Use Custom Icon for Legend?: Option to use a custom icon in the legend.
      • Legend Icon: Choose the shape of the legend icons (e.g., ‘roundRect’).

      Toolbox

      dashobard view

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Magic Type Feature?: Option to enable/disable magic type features.
      • Magic Feature: Enable magic types to switch between different chart types.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Colors

      Adjust the color sequence for your chart data series.

      Grid

      • Top/Left/Right/Bottom: Adjust the chart margins.

      DataZoom

      dashobard view

      • Show Data Zoom?: Option to enable/disable the data zoom feature.
      • Legend Orientation: Choose the orientation of the data zoom (e.g., ‘horizontal’).
      • Start/End: Set the initial view of the data in percentage.
      • Height/Width: Adjust the size of the data zoom control.
      • Top/Left/Right/Bottom: Adjust the margins for the data zoom control.
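Review bot: in the DataZoom list at the end of the Pie hunk, the option labelled "Legend Orientation" is described as "Choose the orientation of the data zoom", which reads like a copy-paste from the Legend section above it; if the editor labels this control "Data Zoom Orientation", the source Markdown should use that label, otherwise the description should be corrected. The `-` and `+` renderings are otherwise identical, so the actual change to this generated page is not visible here.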
      diff --git a/_site/UTMStackComponents/Dashboards/Charts/README.html b/_site/UTMStackComponents/Dashboards/Charts/README.html index d7a059c..80384c8 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/README.html +++ b/_site/UTMStackComponents/Dashboards/Charts/README.html @@ -1 +1 @@ - Charts | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied + Charts | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied diff --git a/_site/UTMStackComponents/Dashboards/Charts/Table.html b/_site/UTMStackComponents/Dashboards/Charts/Table.html index 6902657..4f94551 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/Table.html +++ b/_site/UTMStackComponents/Dashboards/Charts/Table.html @@ -1 +1 @@ - Table | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Table Chart

      The Table chart in UTMStack is an incredibly flexible tool for representing your data in a tabular format, which can be particularly helpful when you need to see precise values along with a high-level summary. In this guide, we’ll discuss how to configure the different options available for a Table chart.

      Options

      dashobard view

      Here are the options you can adjust to customize your Table chart:

      • Dynamic Page Size?: This setting allows the table to adjust the number of rows displayed based on the size of the container. Enabling this option can be beneficial when viewing the table on different devices or screen sizes, ensuring that the data is always displayed optimally.

      • Show Total?: This option allows you to display the total for numeric fields at the bottom of the table. This can be very useful when you need to quickly assess the sum of a particular field across all rows.

      • Can it be Exported to CSV?: By enabling this option, you allow the table data to be exported to a CSV file. This feature can be handy when you need to share data or conduct further analysis outside UTMStack.

      Example: Creating a Table Chart for HIDS Alerts by Host

      1. Filter the Data Start by defining a filter for the alerts, ensuring the data type is ‘hids’. This filter will ensure that only the HIDS alerts are included in your data set.

      dashobard view

      1. Create a Metric Aggregation Next, you’ll need to create a Metric Aggregation that counts the quantity of alerts. This aggregation will determine the values displayed in your table.

      dashobard view

      1. Create a Bucket Aggregation for the Host Now it’s time to identify the host associated with each count. Create a new Bucket Aggregation using the ‘Terms’ type on the ‘destination.host.keyword’ field. This will group the alerts by host. For clarity, you can assign a custom label like “Hostname”. dashobard view

      2. Create a Sub-Bucket for the IP For more detailed information, you can add a sub-bucket to each host bucket that identifies the IP address associated with each host. To do this, click the ‘Add sub-Bucket’ button, select the ‘Terms’ aggregation type, and choose the ‘destination.ip.keyword’ field. You can use the custom label “IP” for this sub-bucket.

      dashobard view

      1. Run the Chart Once you’ve configured the aggregations, click the ‘Run’ button to see a preview of your chart. If you’re satisfied with the results, you’ve successfully created a Table chart for HIDS alerts by host.

      dashobard view

      By following these steps, you can create a highly customized Table chart that fits your specific use case. Remember, the configuration can be adjusted at any time to refine the results.

      + Table | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Table Chart

      The Table chart in UTMStack is an incredibly flexible tool for representing your data in a tabular format, which can be particularly helpful when you need to see precise values along with a high-level summary. In this guide, we’ll discuss how to configure the different options available for a Table chart.

      Options

      dashobard view

      Here are the options you can adjust to customize your Table chart:

      • Dynamic Page Size?: This setting allows the table to adjust the number of rows displayed based on the size of the container. Enabling this option can be beneficial when viewing the table on different devices or screen sizes, ensuring that the data is always displayed optimally.

      • Show Total?: This option allows you to display the total for numeric fields at the bottom of the table. This can be very useful when you need to quickly assess the sum of a particular field across all rows.

      • Can it be Exported to CSV?: By enabling this option, you allow the table data to be exported to a CSV file. This feature can be handy when you need to share data or conduct further analysis outside UTMStack.

      Example: Creating a Table Chart for HIDS Alerts by Host

      1. Filter the Data Start by defining a filter for the alerts, ensuring the data type is ‘hids’. This filter will ensure that only the HIDS alerts are included in your data set.

      dashobard view

      1. Create a Metric Aggregation Next, you’ll need to create a Metric Aggregation that counts the quantity of alerts. This aggregation will determine the values displayed in your table.

      dashobard view

      1. Create a Bucket Aggregation for the Host Now it’s time to identify the host associated with each count. Create a new Bucket Aggregation using the ‘Terms’ type on the ‘destination.host.keyword’ field. This will group the alerts by host. For clarity, you can assign a custom label like “Hostname”. dashobard view

      2. Create a Sub-Bucket for the IP For more detailed information, you can add a sub-bucket to each host bucket that identifies the IP address associated with each host. To do this, click the ‘Add sub-Bucket’ button, select the ‘Terms’ aggregation type, and choose the ‘destination.ip.keyword’ field. You can use the custom label “IP” for this sub-bucket.

      dashobard view

      1. Run the Chart Once you’ve configured the aggregations, click the ‘Run’ button to see a preview of your chart. If you’re satisfied with the results, you’ve successfully created a Table chart for HIDS alerts by host.

      dashobard view

      By following these steps, you can create a highly customized Table chart that fits your specific use case. Remember, the configuration can be adjusted at any time to refine the results.
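Review bot: the step numbering in the Table example reads 1., 1., 1., 2., 1. in both renderings, because each step in the source Markdown is separated from the next by an image paragraph, which restarts the ordered list; number the five steps 1 to 5 explicitly in the source (or indent the image lines under their list items) so the generated HTML comes out as one list. The third step also has its image run onto the same line as the text ("...custom label like "Hostname". dashobard view"), which points to a missing blank line before that image in the source.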

      diff --git a/_site/UTMStackComponents/Dashboards/Charts/TagCloud.html b/_site/UTMStackComponents/Dashboards/Charts/TagCloud.html index dc5d250..f1a11a7 100644 --- a/_site/UTMStackComponents/Dashboards/Charts/TagCloud.html +++ b/_site/UTMStackComponents/Dashboards/Charts/TagCloud.html @@ -1 +1 @@ - Tag Cloud | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Tag Cloud Charts

      dashobard view

      UTMStack provides a Tag Cloud chart option for visualizing text data in a way that emphasizes the frequency or importance of different tags. These charts represent data by varying the size and color of individual words or phrases (tags), allowing you to quickly see the most prominent tags in your data.

      Tag Cloud Option

      dashobard view

      • Tag Cloud Shape: You can choose from a variety of shapes for your Tag Cloud chart. The shape you choose will determine how the words are arranged in the cloud.

      • Min Word Size: This setting allows you to adjust the smallest font size that will be used for the words in the tag cloud. The size of each term in the cloud represents its frequency or importance. By increasing the minimum word size, you can make the less frequent terms more visible.

      • Text Padding: Text padding is the space between words in the tag cloud. By adjusting this setting, you can control the density of words in your cloud. A higher padding value will result in more space between the words, making the cloud look sparser. A lower value will make the words appear closer together, creating a denser cloud.

      Colors

      Adjust the color sequence for your chart data series.

      Toolbox

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Example: Creating a Tag Cloud Chart for Top 10 Alerts Categories

      Suppose you want to visualize the top 10 alert categories registered in your system using a Tag Cloud chart. Here’s how you can set this up using UTMStack’s visualization editor:

      First, we will be using a Bucket Aggregation to represent the data. The steps to configure this are as follows:

      1. In the visualization editor, select the Buckets option.
      2. Choose the Term aggregation type. This will allow us to group the data based on a specific field.
      3. For the Field, select category.keyword. This will ensure that the chart represents the alerts based on their categories.
      4. Set the Size to 10. This setting will limit the display to the top 10 alert categories.

      Your configuration should look like the following:

      dashobard view

      Options

      Once the Bucket Aggregation is set, you can proceed to customize your Tag Cloud Chart under the Options tab:

      • Tag Cloud Shape: Select a shape that suits your preferences.
      • Min Word Size: Adjust this setting based on how prominent you want the less frequent categories to be.
      • Text Padding: Determine the space between words to create the desired visual density.

      After you have finished adjusting these settings, you can run the chart to visualize the top 10 alerts categories in your system as a Tag Cloud chart.

      dashobard view

      This personalized visualization can provide a quick and clear overview of the most frequent alert categories, aiding in system monitoring and management.

      + Tag Cloud | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Tag Cloud Charts

      dashobard view

      UTMStack provides a Tag Cloud chart option for visualizing text data in a way that emphasizes the frequency or importance of different tags. These charts represent data by varying the size and color of individual words or phrases (tags), allowing you to quickly see the most prominent tags in your data.

      Tag Cloud Option

      dashobard view

      • Tag Cloud Shape: You can choose from a variety of shapes for your Tag Cloud chart. The shape you choose will determine how the words are arranged in the cloud.

      • Min Word Size: This setting allows you to adjust the smallest font size that will be used for the words in the tag cloud. The size of each term in the cloud represents its frequency or importance. By increasing the minimum word size, you can make the less frequent terms more visible.

      • Text Padding: Text padding is the space between words in the tag cloud. By adjusting this setting, you can control the density of words in your cloud. A higher padding value will result in more space between the words, making the cloud look sparser. A lower value will make the words appear closer together, creating a denser cloud.

      Colors

      Adjust the color sequence for your chart data series.

      Toolbox

      • Show Toolbox?: Option to display/hide the toolbox.
      • Show Save as Image Feature?: Option to enable/disable saving chart as an image.
      • Show Restore Chart Feature?: Option to enable/disable the feature to restore the chart to its original state.
      • Show Data View Feature?: Option to enable/disable the data view feature.
      • Show Data Zoom Feature?: Option to enable/disable the data zoom feature.
      • Show Mark Feature?: Option to enable/disable the mark feature.
      • Toolbox Vertical Position: Choose the vertical position of the toolbox (e.g., ‘top’).
      • Toolbox Horizontal Position: Choose the horizontal position of the toolbox (e.g., ‘right’).
      • Toolbox Orientation: Choose the orientation of the toolbox (e.g., ‘horizontal’).
      • Width/Height: Adjust the size of the toolbox.
      • Icon Size: Adjust the size of the toolbox icons.

      Example: Creating a Tag Cloud Chart for Top 10 Alerts Categories

      Suppose you want to visualize the top 10 alert categories registered in your system using a Tag Cloud chart. Here’s how you can set this up using UTMStack’s visualization editor:

      First, we will be using a Bucket Aggregation to represent the data. The steps to configure this are as follows:

      1. In the visualization editor, select the Buckets option.
      2. Choose the Term aggregation type. This will allow us to group the data based on a specific field.
      3. For the Field, select category.keyword. This will ensure that the chart represents the alerts based on their categories.
      4. Set the Size to 10. This setting will limit the display to the top 10 alert categories.

      Your configuration should look like the following:

      dashobard view

      Options

      Once the Bucket Aggregation is set, you can proceed to customize your Tag Cloud Chart under the Options tab:

      • Tag Cloud Shape: Select a shape that suits your preferences.
      • Min Word Size: Adjust this setting based on how prominent you want the less frequent categories to be.
      • Text Padding: Determine the space between words to create the desired visual density.

      After you have finished adjusting these settings, you can run the chart to visualize the top 10 alerts categories in your system as a Tag Cloud chart.

      dashobard view

      This personalized visualization can provide a quick and clear overview of the most frequent alert categories, aiding in system monitoring and management.
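Review bot: the Tag Cloud example's heading and closing sentence say "Top 10 Alerts Categories" / "top 10 alerts categories" while the body of the example correctly says "alert categories"; use "alert categories" throughout. Step 2 of the bucket configuration names the aggregation type "Term", whereas the Table page in this same patch calls it "Terms"; use the label the visualization editor actually shows on both pages. Both are Markdown source fixes, since `_site/` is generated output.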

      diff --git a/_site/UTMStackComponents/Dashboards/DashboarList.html b/_site/UTMStackComponents/Dashboards/DashboarList.html index 82c3f5d..c32a247 100644 --- a/_site/UTMStackComponents/Dashboards/DashboarList.html +++ b/_site/UTMStackComponents/Dashboards/DashboarList.html @@ -1 +1 @@ - Dashboards List Overview | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Dashboards List Overview

      UTMStack’s Dashboard List provides an efficient and organized view of all available dashboards, making it possible for users to interact with, manage, and customize dashboards to meet specific requirements. This guide offers an in-depth look at the key elements of the Dashboard List, explaining their respective functionalities.

      dashobard view

      Positioned at the top of the Dashboard List, the search box enables swift retrieval of dashboards. By typing in the dashboard name or associated keywords, users can dynamically filter the list to narrow down their search.

      2. Dashboard Listings

      The main component of the Dashboard List is the section that presents all available dashboards. Each listing delivers crucial information about the respective dashboard:

      • Name: The unique name you’ve assigned to the dashboard.
      • Description: A brief explanation of the dashboard, including its purpose and what data it presents.
      • Last Modified: The date and time when the dashboard was last updated.
      • URL: The direct link to access the dashboard.

      You can reorder the list either by name or by the most recent modification date.

      In addition, each dashboard listing includes several action buttons:

      • Copy: Copy the url of the dashboard.
      • Edit: Modify the dashboard’s parameters.
      • Delete: Permanently remove the dashboard from the list.

      3. Import Dashboard

      The ‘Import Dashboard’ function allows for the incorporation of previously exported dashboards. This capability proves particularly beneficial when there’s a need to duplicate similar dashboards across various sections or recreate a dashboard in a new UTMStack instance.

      dashobard view

      4. New Dashboard

      The ‘New Dashboard’ button provides the opportunity to develop a new, custom dashboard from the ground up. Selecting this feature launches the Dashboard Editor, where users can designate the data source, apply filters, and set other dashboard parameters.

      For more information, refer to See Dashboard Creation.

      + Dashboards List Overview | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Dashboards List Overview

      UTMStack’s Dashboard List provides an efficient and organized view of all available dashboards, making it possible for users to interact with, manage, and customize dashboards to meet specific requirements. This guide offers an in-depth look at the key elements of the Dashboard List, explaining their respective functionalities.

      dashobard view

      Positioned at the top of the Dashboard List, the search box enables swift retrieval of dashboards. By typing in the dashboard name or associated keywords, users can dynamically filter the list to narrow down their search.

      2. Dashboard Listings

      The main component of the Dashboard List is the section that presents all available dashboards. Each listing delivers crucial information about the respective dashboard:

      • Name: The unique name you’ve assigned to the dashboard.
      • Description: A brief explanation of the dashboard, including its purpose and what data it presents.
      • Last Modified: The date and time when the dashboard was last updated.
      • URL: The direct link to access the dashboard.

      You can reorder the list either by name or by the most recent modification date.

      In addition, each dashboard listing includes several action buttons:

      • Copy: Copy the url of the dashboard.
      • Edit: Modify the dashboard’s parameters.
      • Delete: Permanently remove the dashboard from the list.

      3. Import Dashboard

      The ‘Import Dashboard’ function allows for the incorporation of previously exported dashboards. This capability proves particularly beneficial when there’s a need to duplicate similar dashboards across various sections or recreate a dashboard in a new UTMStack instance.

      dashobard view

      4. New Dashboard

      The ‘New Dashboard’ button provides the opportunity to develop a new, custom dashboard from the ground up. Selecting this feature launches the Dashboard Editor, where users can designate the data source, apply filters, and set other dashboard parameters.

      For more information, refer to See Dashboard Creation.
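Review bot: the whole generated page is replaced as a single `-`/`+` line here, so the part of DashboarList.html that actually changed (the header/navigation text reads the same in both versions) cannot be told apart from the unchanged body, and the hunk is effectively unreviewable; consider keeping the Jekyll `_site/` output out of version control (build it in CI) or at least regenerating it in its own commit, separate from the "Changes Examples playbooks Ubuntu" content change. The rebuild also carries over source-Markdown defects verbatim: the image alt text "dashobard view" (repeated on every page) and the doubled wording in "For more information, refer to See Dashboard Creation." should be fixed in the `.md` source (e.g. "dashboard view", "refer to Dashboard Creation") and then regenerated.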

      diff --git a/_site/UTMStackComponents/Dashboards/DashboardCreation.html b/_site/UTMStackComponents/Dashboards/DashboardCreation.html index 37754e7..d496497 100644 --- a/_site/UTMStackComponents/Dashboards/DashboardCreation.html +++ b/_site/UTMStackComponents/Dashboards/DashboardCreation.html @@ -1 +1 @@ - Creating a Dashboard | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Creating a Dashboard

      The UTMStack Dashboard provides a flexible and intuitive interface for visualizing and analyzing your data. The process of creating a new dashboard involves selecting and configuring visualizations based on your specific needs.

      Visualization Menu

      dashobard view

      This is the Visualization Menu, where you can see and add new visualizations to your dashboard.

      This has the following parts:

      • Filter Visualizations Before adding visualizations to your dashboard, you may want to filter them based on specific criteria:

        • Visualization Name: If you know the name of the visualization you want, input it here.
        • Chart Type: If you’re interested in specific chart types (e.g., bar, pie, line), filter by this category.
        • Source: If your visualization depends on a specific data source, use this filter.

        These filters help you quickly find the exact visualizations you need.

      • Visualizations List Review the list of visualizations based on your filtered criteria. Choose the visualizations you want to include in your dashboard. Remember, you can select multiple visualizations to provide various data views.

      • Add Visualizations Click the Add Visualizations button to add the selected visualizations to your dashboard. You will then be directed to the dashboard editor.

      • Create New Visualization If you need a custom visualization that’s not in the list, use the New Visualization button. This action will open the Visualization Editor, where you can create a custom visualization from scratch.

      To see how to create a a visualization go to Link

      • Configure and Save Dashboard In the dashboard editor, you can arrange, resize, and modify the visualizations as needed. Once you’re satisfied with the layout, give your dashboard a unique name, an optional description, and save it for future use.

      By following these steps, you can create custom, insightful dashboards to analyze and visualize your data effectively with UTMStack.

      Dashboard Editor

      dashobard view

      Each visualization on your dashboard comes with a set of options:

      1. Visualization Options
        • Edit Visualization: This option allows you to modify the selected visualization’s parameters directly from the dashboard. The visualization builder provides a variety of tools to manipulate your data for more accurate representation.
      • Edit Panel: This option lets you change the name of the visualization panel. An appropriate name can make it easier to understand the visualization’s purpose at a glance.

      • Disable/Enable Time Filter: This option lets you enable or disable the time filter for the specific visualization. It can be helpful when you need a visualization to display data from a different time range than the dashboard’s global time filter.

      1. Delete Visualization The delete option allows you to remove any unwanted visualization from your dashboard.

      Resize and Reposition Visualizations Each visualization in your dashboard can be resized and repositioned to best fit your needs. Click and drag the lower right corner of a visualization to resize it, or click and drag the visualization’s title bar to reposition it.

      Add Filter Use the Add Filter option to narrow down the data displayed in your visualizations. This can be particularly useful when you want to filter specific fields of your datasource.

      dashobard view

      When creating a filter, you can define various parameters:

      • Label: Provide a name for your filter for easy identification.
      • Source: Select the index pattern that the filter will apply to.
      • Field: Select the specific field within the chosen index pattern.
      • Allow Search Values: Enable this option to allow users to search for specific values within the field.
      • Allow Clear Values: Enable this option to allow users to clear the selected values.
      • Placeholder: Provide a placeholder text to be displayed when no value is selected.
      • Loading Text: Specify the text displayed while the filter loads data.
      1. Save Dashboard

      After creating and arranging your visualizations in the Dashboard Editor, it’s time to save your work. UTMStack provides a variety of saving options to best accommodate your needs.

      dashobard view

      • Name: Provide a unique name for your dashboard. This name will help identify your dashboard in the list of available dashboards.

      • Description: Add a brief description of your dashboard. This should include information about the dashboard’s purpose, the type of data it’s presenting, and any other relevant details.

      • Auto Refresh Dashboard: Enable this option if you want your dashboard to automatically update with the latest data at regular intervals.

        • Auto Refresh Time: If you have enabled the auto-refresh option, specify the frequency at which the dashboard should refresh.
      • Add Dashboard to Menu?: If you want your dashboard to be easily accessible from the main menu, enable this option.
        • Menu List: Select in wich menu list you want to add the dashboard, default Dashboards.
      • Name in Menu: If you have chosen to add the dashboard to the menu, specify the name as it should appear in the menu.

      • Is this Menu Active?: Indicate whether the menu containing your dashboard should be active or inactive. An active menu is visible to users, while an inactive one is hidden.

      • Authorities: Specify who has access to this dashboard. You can choose by roles (for example ROLE_ADMIN or ROLE_USER)

      • Save as new dashboard?: If you’ve made changes to an existing dashboard but want to keep the original version, check this box to save your work as a new dashboard.

      After adjusting these settings to your satisfaction, click “Save” to store your dashboard. Your custom dashboard is now ready for use and can be accessed anytime you need it.

      + Creating a Dashboard | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Creating a Dashboard

      The UTMStack Dashboard provides a flexible and intuitive interface for visualizing and analyzing your data. The process of creating a new dashboard involves selecting and configuring visualizations based on your specific needs.

      Visualization Menu

      dashobard view

      This is the Visualization Menu, where you can see and add new visualizations to your dashboard.

      This has the following parts:

      • Filter Visualizations Before adding visualizations to your dashboard, you may want to filter them based on specific criteria:

        • Visualization Name: If you know the name of the visualization you want, input it here.
        • Chart Type: If you’re interested in specific chart types (e.g., bar, pie, line), filter by this category.
        • Source: If your visualization depends on a specific data source, use this filter.

        These filters help you quickly find the exact visualizations you need.

      • Visualizations List Review the list of visualizations based on your filtered criteria. Choose the visualizations you want to include in your dashboard. Remember, you can select multiple visualizations to provide various data views.

      • Add Visualizations Click the Add Visualizations button to add the selected visualizations to your dashboard. You will then be directed to the dashboard editor.

      • Create New Visualization If you need a custom visualization that’s not in the list, use the New Visualization button. This action will open the Visualization Editor, where you can create a custom visualization from scratch.

      To see how to create a a visualization go to Link

      • Configure and Save Dashboard In the dashboard editor, you can arrange, resize, and modify the visualizations as needed. Once you’re satisfied with the layout, give your dashboard a unique name, an optional description, and save it for future use.

      By following these steps, you can create custom, insightful dashboards to analyze and visualize your data effectively with UTMStack.

      Dashboard Editor

      dashobard view

      Each visualization on your dashboard comes with a set of options:

      1. Visualization Options
        • Edit Visualization: This option allows you to modify the selected visualization’s parameters directly from the dashboard. The visualization builder provides a variety of tools to manipulate your data for more accurate representation.
      • Edit Panel: This option lets you change the name of the visualization panel. An appropriate name can make it easier to understand the visualization’s purpose at a glance.

      • Disable/Enable Time Filter: This option lets you enable or disable the time filter for the specific visualization. It can be helpful when you need a visualization to display data from a different time range than the dashboard’s global time filter.

      1. Delete Visualization The delete option allows you to remove any unwanted visualization from your dashboard.

      Resize and Reposition Visualizations Each visualization in your dashboard can be resized and repositioned to best fit your needs. Click and drag the lower right corner of a visualization to resize it, or click and drag the visualization’s title bar to reposition it.

      Add Filter Use the Add Filter option to narrow down the data displayed in your visualizations. This can be particularly useful when you want to filter specific fields of your datasource.

      dashobard view

      When creating a filter, you can define various parameters:

      • Label: Provide a name for your filter for easy identification.
      • Source: Select the index pattern that the filter will apply to.
      • Field: Select the specific field within the chosen index pattern.
      • Allow Search Values: Enable this option to allow users to search for specific values within the field.
      • Allow Clear Values: Enable this option to allow users to clear the selected values.
      • Placeholder: Provide a placeholder text to be displayed when no value is selected.
      • Loading Text: Specify the text displayed while the filter loads data.
      1. Save Dashboard

      After creating and arranging your visualizations in the Dashboard Editor, it’s time to save your work. UTMStack provides a variety of saving options to best accommodate your needs.

      dashobard view

      • Name: Provide a unique name for your dashboard. This name will help identify your dashboard in the list of available dashboards.

      • Description: Add a brief description of your dashboard. This should include information about the dashboard’s purpose, the type of data it’s presenting, and any other relevant details.

      • Auto Refresh Dashboard: Enable this option if you want your dashboard to automatically update with the latest data at regular intervals.

        • Auto Refresh Time: If you have enabled the auto-refresh option, specify the frequency at which the dashboard should refresh.
      • Add Dashboard to Menu?: If you want your dashboard to be easily accessible from the main menu, enable this option.
        • Menu List: Select in wich menu list you want to add the dashboard, default Dashboards.
      • Name in Menu: If you have chosen to add the dashboard to the menu, specify the name as it should appear in the menu.

      • Is this Menu Active?: Indicate whether the menu containing your dashboard should be active or inactive. An active menu is visible to users, while an inactive one is hidden.

      • Authorities: Specify who has access to this dashboard. You can choose by roles (for example ROLE_ADMIN or ROLE_USER)

      • Save as new dashboard?: If you’ve made changes to an existing dashboard but want to keep the original version, check this box to save your work as a new dashboard.

      After adjusting these settings to your satisfaction, click “Save” to store your dashboard. Your custom dashboard is now ready for use and can be accessed anytime you need it.
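Review bot: the regenerated DashboardCreation.html still ships an unresolved placeholder, "To see how to create a a visualization go to Link", which should point at the Creating a Visualization page (and drop the doubled "a"); the numbered list in the Dashboard Editor section restarts three times ("1. Visualization Options", "1. Delete Visualization", "1. Save Dashboard") because the intervening paragraphs and image lines end the Markdown list, so either indent them under the items or number the headings explicitly; and "Select in wich menu list" should read "Select which menu list". On the Authorities option, the text says access can be restricted by role "(for example ROLE_ADMIN or ROLE_USER)" but does not say what happens when no role is selected; documenting the default visibility of a dashboard saved without authorities would help readers set access deliberately.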

      diff --git a/_site/UTMStackComponents/Dashboards/README.html b/_site/UTMStackComponents/Dashboards/README.html index 807c63a..5cee4f2 100644 --- a/_site/UTMStackComponents/Dashboards/README.html +++ b/_site/UTMStackComponents/Dashboards/README.html @@ -1 +1 @@ - Dashboards | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Dashboards

      dashobard view

      Overview

      The UTMStack Dashboard is a comprehensive interface that displays a collection of visualizations and searches. This one-stop hub offers critical insights into user activity, alerts, vulnerabilities, and network traffic within your organization. Equipped with a variety of visualization types, UTMStack streamlines security monitoring and analysis for a more secure network environment.

      In this guide, we will walk through the Dashboard feature of UTMStack. Learn how to create custom visualizations from your log, event, and alarm data and add them to a personalized dashboard for efficient viewing and tracking. This guide covers the steps to filter and edit visualizations and using aggregation and segmentation options for a deeper understanding of the data.

      Getting Started

      1. After logging into UTMStack, navigate to the Dashboard tab.

      dashobard view

      1. Click on New Dashboard

      dashobard view

      Creating a New Dashboard

      Upon clicking the New Dashboard option, a pop-up window appears on the right side of your screen. This window displays a list of pre-created visualizations, tailored based on the most common and useful visualizations requested by our users.

      dashobard view

      You can now select your preferred visualization for the dashboard you wish to create by checking the respective checkboxes. For example, we are going to create a dashboard for manage the logon failure, using the Top 5 User Logon Failures, Top 5 Failure Reason Local Logon Failures, and Detail User Logon Failure visualizations.

      Now we click in the + Add visualizations buttons in the botton of the windows.

      dashobard view

      Upon closing the window, you’ll be directed to the Dashboard view editor, featuring the selected visualizations.

      dashobard view

      You can now add other visualizations, modify the size, position, and date range of your selected visualizations, or customize these visualizations to meet your specific requirements.

      When you’ve finished configuring your dashboard, press the Save Dashboard button. You will need to provide a name for your dashboard and may also add a description (optional).

      In the Dashboard List, you can use the search bar to quickly locate the dashboard you’ve just created.

      dashobard view

      Congratulations, your dashboard is now created and ready for use. You can click in the elements to get the data that is visualized in the chart.

      You can use the Save to PDF button to export the dashboard visualizations to a PDF file.

      dashobard view


      Table of contents

      + Dashboards | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Dashboards

      dashobard view

      Overview

      The UTMStack Dashboard is a comprehensive interface that displays a collection of visualizations and searches. This one-stop hub offers critical insights into user activity, alerts, vulnerabilities, and network traffic within your organization. Equipped with a variety of visualization types, UTMStack streamlines security monitoring and analysis for a more secure network environment.

      In this guide, we will walk through the Dashboard feature of UTMStack. Learn how to create custom visualizations from your log, event, and alarm data and add them to a personalized dashboard for efficient viewing and tracking. This guide covers the steps to filter and edit visualizations and using aggregation and segmentation options for a deeper understanding of the data.

      Getting Started

      1. After logging into UTMStack, navigate to the Dashboard tab.

      dashobard view

      1. Click on New Dashboard

      dashobard view

      Creating a New Dashboard

      Upon clicking the New Dashboard option, a pop-up window appears on the right side of your screen. This window displays a list of pre-created visualizations, tailored based on the most common and useful visualizations requested by our users.

      dashobard view

      You can now select your preferred visualization for the dashboard you wish to create by checking the respective checkboxes. For example, we are going to create a dashboard for manage the logon failure, using the Top 5 User Logon Failures, Top 5 Failure Reason Local Logon Failures, and Detail User Logon Failure visualizations.

      Now we click in the + Add visualizations buttons in the botton of the windows.

      dashobard view

      Upon closing the window, you’ll be directed to the Dashboard view editor, featuring the selected visualizations.

      dashobard view

      You can now add other visualizations, modify the size, position, and date range of your selected visualizations, or customize these visualizations to meet your specific requirements.

      When you’ve finished configuring your dashboard, press the Save Dashboard button. You will need to provide a name for your dashboard and may also add a description (optional).

      In the Dashboard List, you can use the search bar to quickly locate the dashboard you’ve just created.

      dashobard view

      Congratulations, your dashboard is now created and ready for use. You can click in the elements to get the data that is visualized in the chart.

      You can use the Save to PDF button to export the dashboard visualizations to a PDF file.

      dashobard view


      Table of contents
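Review bot: in the rebuilt Dashboards README.html the "Getting Started" steps are both numbered "1." ("1. After logging into UTMStack..." and "1. Click on New Dashboard") because the image line between them breaks the Markdown list; indent the image under the first item in the source so the numbering continues. Several sentences need wording fixes in the same source file: "create a dashboard for manage the logon failure" (to manage logon failures), "click in the + Add visualizations buttons in the botton of the windows" (click the + Add visualizations button at the bottom of the window), and "click in the elements" (click on the elements). The page also ends with an empty "Table of contents" heading with nothing rendered beneath it; either populate it or remove the heading from the layout for this page.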

      diff --git a/_site/UTMStackComponents/Dashboards/VisualizationCreation.html b/_site/UTMStackComponents/Dashboards/VisualizationCreation.html index c4a5679..3eefcc6 100644 --- a/_site/UTMStackComponents/Dashboards/VisualizationCreation.html +++ b/_site/UTMStackComponents/Dashboards/VisualizationCreation.html @@ -1 +1 @@ - Creating a Visualization | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Creating a New Visualization

      UTMStack is a powerful solution that leverages the data capabilities of OpenSearch and Logstash to deliver impactful data visualization. By translating your organization’s data into visually appealing charts and graphs, UTMStack empowers users to derive meaningful insights seamlessly. This guide provides step-by-step instructions on creating a new visualization in UTMStack.

      How to Create a New Visualization

      1. Navigate to the Dashboard Editor or Visualization Menu and click on the New Visualization button. This action opens the New Visualization window.

      dashobard view

      1. The New Visualization window requires two primary parameters to create a visualization:

        1. Source: The data source for your visualization can be any set of logs, events, or alarms that UTMStack has aggregated.
        2. Chart Type: UTMStack supports various chart types, each catering to different data representation requirements:

          • Line: Depicts data trends over time.

          • Area: Similar to line charts, but the area beneath the line is filled, indicating volume.

          • Bar: Useful for comparing quantities or frequencies across categories.

          • Horizontal Bar: Similar to bar charts but oriented horizontally, these are particularly useful when category labels are long or numerous.

          • Tag Cloud:Displays textual data, with the size of each tag corresponding to its frequency or significance.

          • Table: Tables organize data into columns and rows, making it easy to compare multiple data points.

          • List: Lists present data in an ordered or unordered format, perfect for simple, unstructured data.

          • Gauge: Gauge charts are excellent for displaying progress or performance against a set goal.

          • Goal: Goal charts show the progress towards a single, numeric target.

          • Metric: Metric visualizations display a single, large number. It’s useful for highlighting a key figure.

          • Region Map: Region maps show the coordinates in a geographic areas according to associated data values.

          • Heat Map: Represents numeric tabular data, with cell colors indicating the value.
          • Text: Text allows you to add descriptive text, titles, or notes to your dashboard.

      After determining the source and chart type, click Create Visualization to customize your visualization.

      dashobard view

      By default, UTMStack generates a generalized visualization based on the chosen aggregation metric (Count) and the selected chart type. Users can further refine this data using specific aggregation buckets. For an in-depth understanding of metric aggregations and bucket aggregations associated with each chart type, please refer to the respective chart’s documentation section.

      Applying Filters to Visualizations

      dashobard view

      One of the critical steps in creating a visualization is filtering the data you want to display. This involves comparing a specific field with a selected value using an operator.

      For instance, suppose you want to create a visualization focusing on Office 365 logon failures. In this case, select the field logx.o365.ResultStatus.keyword and apply the IS operator to check for equality to the value Failure.This filter will limit the visualization to the unsuccessful login attempts in Office 365.

      Understanding Filter Operators

      Filter operators in UTMStack help fine-tune data selection within visualizations. Here are the available operators and their functionalities:

      • Is: This operator selects all data entries matching the specific value chosen.

      • Is Not: Contrary to ‘Is’, this operator selects all data entries that do not match the specific value chosen.

      • Is One Of: This operator selects all data entries that match any value from a set of values specified.

      • Is Not One Of: This operator selects all data entries that do not match any value from a set of values specified.

      • Exists: This operator selects all data entries where the specified field exists.

      • Does Not Exist: This operator selects all data entries where the specified field does not exist.

      • Is Between: This operator selects numeric data within a specific value range. The range must align with the input pattern for each data field. For instance, the pattern for @timestamp is YYYY-MM-DDTHH:MM: SS.MsMsMsZ (2021-12-12T02:30:00.000Z.)

      • Is Not Between: This operator selects numeric data not within a specific value range.

      • Contains: This operator selects all data entries containing a specific string.

      • Does Not Contain: This operator selects all data entries that do not contain a specific string.

      • Starts With: This operator selects all data entries that start with a specific string.

      • Does Not Start With: This operator selects all data entries that do not start with a specific string.

      • Ends With: This operator selects all data entries that end with a specific string.

      • Does Not End With: This operator selects all data entries that do not end with a specific string.

      The applied filters appear at the top of the interface, where they can be edited, deleted, or reverted as needed.

      dashobard view

      Having selected your chart type and set up your filters, the next step involves adjusting specific parameters to your chosen chart type. For detailed instructions on how to proceed with each type of chart, please refer to the respective sections Chart Types.

      When you open the Visualization Editor, you will find a menu on the left side of the interface:

      dashobard view

      The menu displayed highlights the index pattern being used as the foundation for the current visualization And the Run button to generate a preview of the updated chart.

      It also offers three key functionalities for customizing your chart:

      • Data: This option enables you to define the value axis of your chart by choosing suitable metric aggregations and bucket agregations.
      • Options: Utilize this section to personalize your chart’s aesthetics and fine details to your liking.
      • One Click: This interactive feature requires the presence of at least one bucket. Clicking on a specific data point or series on the chart triggers a redirection to the category (ALERTS, EVENTS, or VULNERABILITIES) initially chosen during chart creation. The resultant view is filtered based on the series you clicked on.

      Configuring Metric and Bucket Aggregations for Charts

      In UTMStack, crafting the right visualization involves the careful selection and application of metric and bucket aggregations. These play a pivotal role in determining how your data is analyzed and presented.

      dashobard view

      1. Metric Aggregation Choose the right metric aggregations for your chart. UTMStack offers several aggregations options:
      • Count: Returns a raw count of the elements in the selected index pattern.
      • Average: Returns the average of a numeric field. You’ll need to select the appropriate field from the drop-down.
      • Sum: Returns the total sum of a numeric field. Choose the relevant field from the drop-down.
      • Min: Returns the minimum value of a numeric field. Select the corresponding field from the drop-down.
      • Max: Returns the maximum value of a numeric field. Choose the appropriate field from the drop-down.
      • Unique Count: Returns the number of unique values in a field (cardinality aggregation). Select the relevant field from the drop-down.

      For each aggregation, you can change the default display label by entering a custom string in the “Custom Label” field.

      The Add Metrics button and the red cross symbol allow you to add or remove aggregations as per your needs.

      1. Bucket Aggregation Bucket aggregation serves to categorize data based on specific criteria, enabling meaningful insights. The two bucket aggregation types in UTMStack are:
      • Date Histogram: This type constructs a date-wise distribution based on a numeric field. Here, you need to pick a field representing the timeline and stipulate a minimum time frame (options include minute, hourly, daily, weekly, monthly, or yearly) in the Minimum intervals. For a custom interval frame, select the Custom interval option and specify a time unit. Time units can be milliseconds (ms), seconds (s), minutes (m), hours (h), or days (d). The Custom Label field allows you to modify the display label.

      • Terms Terms bucket aggregation categorizes data into buckets based on distinct values present in a specified field. These buckets are dynamically generated, each corresponding to a term found in the data field. This approach is beneficial when you want to analyze and visualize data with distinct or categorical values.

      Here’s how you can configure the Terms bucket aggregation in UTMStack:

      • Field: Choose the field from which the terms for the buckets will be derived. This field will be the basis for categorizing the data into different buckets.
      • Order By: Decide how the buckets should be ordered. You can order them based on a metric (e.g., count, sum, average, min, max, etc.) or alphabetically (by term). The bucket with the highest value in the selected metric or alphabetical term will be presented first, depending on your chosen sort direction.
      • Order: Define the sort direction of the buckets. You can sort the buckets in either ascending or descending order.
      • Size: Specify the number of terms/buckets that should be returned per page.
      • Custom Label: If you want to change the default label for the buckets, enter your desired text in the Custom Label field.
      + Creating a Visualization | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Creating a New Visualization

      UTMStack is a powerful solution that leverages the data capabilities of OpenSearch and Logstash to deliver impactful data visualization. By translating your organization’s data into visually appealing charts and graphs, UTMStack empowers users to derive meaningful insights seamlessly. This guide provides step-by-step instructions on creating a new visualization in UTMStack.

      How to Create a New Visualization

      1. Navigate to the Dashboard Editor or Visualization Menu and click on the New Visualization button. This action opens the New Visualization window.

      dashobard view

      1. The New Visualization window requires two primary parameters to create a visualization:

        1. Source: The data source for your visualization can be any set of logs, events, or alarms that UTMStack has aggregated.
        2. Chart Type: UTMStack supports various chart types, each catering to different data representation requirements:

          • Line: Depicts data trends over time.

          • Area: Similar to line charts, but the area beneath the line is filled, indicating volume.

          • Bar: Useful for comparing quantities or frequencies across categories.

          • Horizontal Bar: Similar to bar charts but oriented horizontally, these are particularly useful when category labels are long or numerous.

          • Tag Cloud:Displays textual data, with the size of each tag corresponding to its frequency or significance.

          • Table: Tables organize data into columns and rows, making it easy to compare multiple data points.

          • List: Lists present data in an ordered or unordered format, perfect for simple, unstructured data.

          • Gauge: Gauge charts are excellent for displaying progress or performance against a set goal.

          • Goal: Goal charts show the progress towards a single, numeric target.

          • Metric: Metric visualizations display a single, large number. It’s useful for highlighting a key figure.

          • Region Map: Region maps show the coordinates in a geographic areas according to associated data values.

          • Heat Map: Represents numeric tabular data, with cell colors indicating the value.
          • Text: Text allows you to add descriptive text, titles, or notes to your dashboard.

      After determining the source and chart type, click Create Visualization to customize your visualization.

      dashobard view

      By default, UTMStack generates a generalized visualization based on the chosen aggregation metric (Count) and the selected chart type. Users can further refine this data using specific aggregation buckets. For an in-depth understanding of metric aggregations and bucket aggregations associated with each chart type, please refer to the respective chart’s documentation section.

      Applying Filters to Visualizations

      dashobard view

      One of the critical steps in creating a visualization is filtering the data you want to display. This involves comparing a specific field with a selected value using an operator.

      For instance, suppose you want to create a visualization focusing on Office 365 logon failures. In this case, select the field logx.o365.ResultStatus.keyword and apply the IS operator to check for equality to the value Failure.This filter will limit the visualization to the unsuccessful login attempts in Office 365.

      Understanding Filter Operators

      Filter operators in UTMStack help fine-tune data selection within visualizations. Here are the available operators and their functionalities:

      • Is: This operator selects all data entries matching the specific value chosen.

      • Is Not: Contrary to ‘Is’, this operator selects all data entries that do not match the specific value chosen.

      • Is One Of: This operator selects all data entries that match any value from a set of values specified.

      • Is Not One Of: This operator selects all data entries that do not match any value from a set of values specified.

      • Exists: This operator selects all data entries where the specified field exists.

      • Does Not Exist: This operator selects all data entries where the specified field does not exist.

      • Is Between: This operator selects numeric data within a specific value range. The range must align with the input pattern for each data field. For instance, the pattern for @timestamp is YYYY-MM-DDTHH:MM: SS.MsMsMsZ (2021-12-12T02:30:00.000Z.)

      • Is Not Between: This operator selects numeric data not within a specific value range.

      • Contains: This operator selects all data entries containing a specific string.

      • Does Not Contain: This operator selects all data entries that do not contain a specific string.

      • Starts With: This operator selects all data entries that start with a specific string.

      • Does Not Start With: This operator selects all data entries that do not start with a specific string.

      • Ends With: This operator selects all data entries that end with a specific string.

      • Does Not End With: This operator selects all data entries that do not end with a specific string.

      The applied filters appear at the top of the interface, where they can be edited, deleted, or reverted as needed.

      dashobard view

      Having selected your chart type and set up your filters, the next step involves adjusting specific parameters to your chosen chart type. For detailed instructions on how to proceed with each type of chart, please refer to the respective sections Chart Types.

      When you open the Visualization Editor, you will find a menu on the left side of the interface:

      dashobard view

      The menu displayed highlights the index pattern being used as the foundation for the current visualization And the Run button to generate a preview of the updated chart.

      It also offers three key functionalities for customizing your chart:

      • Data: This option enables you to define the value axis of your chart by choosing suitable metric aggregations and bucket agregations.
      • Options: Utilize this section to personalize your chart’s aesthetics and fine details to your liking.
      • One Click: This interactive feature requires the presence of at least one bucket. Clicking on a specific data point or series on the chart triggers a redirection to the category (ALERTS, EVENTS, or VULNERABILITIES) initially chosen during chart creation. The resultant view is filtered based on the series you clicked on.

      Configuring Metric and Bucket Aggregations for Charts

      In UTMStack, crafting the right visualization involves the careful selection and application of metric and bucket aggregations. These play a pivotal role in determining how your data is analyzed and presented.

      dashobard view

      1. Metric Aggregation Choose the right metric aggregations for your chart. UTMStack offers several aggregations options:
      • Count: Returns a raw count of the elements in the selected index pattern.
      • Average: Returns the average of a numeric field. You’ll need to select the appropriate field from the drop-down.
      • Sum: Returns the total sum of a numeric field. Choose the relevant field from the drop-down.
      • Min: Returns the minimum value of a numeric field. Select the corresponding field from the drop-down.
      • Max: Returns the maximum value of a numeric field. Choose the appropriate field from the drop-down.
      • Unique Count: Returns the number of unique values in a field (cardinality aggregation). Select the relevant field from the drop-down.

      For each aggregation, you can change the default display label by entering a custom string in the “Custom Label” field.

      The Add Metrics button and the red cross symbol allow you to add or remove aggregations as per your needs.

      1. Bucket Aggregation Bucket aggregation serves to categorize data based on specific criteria, enabling meaningful insights. The two bucket aggregation types in UTMStack are:
      • Date Histogram: This type constructs a date-wise distribution based on a numeric field. Here, you need to pick a field representing the timeline and stipulate a minimum time frame (options include minute, hourly, daily, weekly, monthly, or yearly) in the Minimum intervals. For a custom interval frame, select the Custom interval option and specify a time unit. Time units can be milliseconds (ms), seconds (s), minutes (m), hours (h), or days (d). The Custom Label field allows you to modify the display label.

      • Terms Terms bucket aggregation categorizes data into buckets based on distinct values present in a specified field. These buckets are dynamically generated, each corresponding to a term found in the data field. This approach is beneficial when you want to analyze and visualize data with distinct or categorical values.

      Here’s how you can configure the Terms bucket aggregation in UTMStack:

      • Field: Choose the field from which the terms for the buckets will be derived. This field will be the basis for categorizing the data into different buckets.
      • Order By: Decide how the buckets should be ordered. You can order them based on a metric (e.g., count, sum, average, min, max, etc.) or alphabetically (by term). The bucket with the highest value in the selected metric or alphabetical term will be presented first, depending on your chosen sort direction.
      • Order: Define the sort direction of the buckets. You can sort the buckets in either ascending or descending order.
      • Size: Specify the number of terms/buckets that should be returned per page.
      • Custom Label: If you want to change the default label for the buckets, enter your desired text in the Custom Label field.
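Review bot: the rendered text of the `-` and `+` sides of this `_site/UTMStackComponents/Dashboards/VisualizationCreation.html` hunk is identical, so the only change is in markup not visible here, while the visible content carries typos that should be fixed in the source markdown rather than in generated `_site/` output (the next build would otherwise overwrite them): the image alt text "dashobard view" (repeated), "Tag Cloud:Displays" missing a space, "bucket agregations", "show the coordinates in a geographic areas", and the timestamp pattern "YYYY-MM-DDTHH:MM: SS.MsMsMsZ" with a stray space before "SS". The numbered steps also restart at "1." in two places ("1. Navigate to the Dashboard Editor" followed by "1. The New Visualization window", and "1. Metric Aggregation" followed by "1. Bucket Aggregation"), which reads as a list-numbering error in the source.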
      diff --git a/_site/UTMStackComponents/Dashboards/VisualizationList.html b/_site/UTMStackComponents/Dashboards/VisualizationList.html index 8f4e3ce..3da6343 100644 --- a/_site/UTMStackComponents/Dashboards/VisualizationList.html +++ b/_site/UTMStackComponents/Dashboards/VisualizationList.html @@ -1 +1 @@ - Visualization List | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Visualizations List

      The Visualizations List in UTMStack is your central hub for managing all visualizations in one place. With a simple yet powerful interface, it offers quick access to crucial visualization details and essential operations. This guide will walk you through the main components of the Visualizations List.

      dashobard view

      1. Filter Search The Filter Search panel, located on the left side of the Visualizations List, allows for efficient navigation through your visualizations.

      dashobard view

      You can filter the list based on the following parameters:

      • Visualization Name: Filter by the name of the visualization.
      • Chart Type: Filter by the type of chart used in the visualization (e.g., bar, line, pie).
      • Source: Filter by the index pattern used for the visualization.
      • Created At: Filter by the date the visualization was created.
      • Modified At: Filter by the date the visualization was last updated.

      Each filter field helps refine the visualizations displayed, aiding in quickly locating the visualization you need.

      1. List of Visualizations The main body of the Visualizations List displays the visualizations available to you.

      dashobard view

      For each visualization, you’ll find:

      • Name: The unique identifier for the visualization.
      • Comments: Any additional comments or descriptions for the visualization.
      • Index Pattern: The specific data source pattern used in the visualization.
      • Last Modified: The date and time of the last update made to the visualization.
      • Action : Each visualization entry also has an Actions column, with buttons for:
        • Edit: Opens the visualization for modification.
        • Delete: Permanently removes the visualization from the list.
      1. Import Visualization The Import Visualization button allows you to import previously exported visualizations, facilitating easy replication of visualizations across different dashboards or UTMStack instances.

      2. New Visualization The New Visualization button opens the Visualization Editor, providing a platform to create custom visualizations from scratch. Here, you can define data source, set filters, and specify other parameters to build your visualization.

      dashobard view

      Understanding the Visualizations List’s components empowers you to manage your visualizations more effectively, leading to efficient monitoring and analysis processes within UTMStack.

      + Visualization List | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Visualizations List

      The Visualizations List in UTMStack is your central hub for managing all visualizations in one place. With a simple yet powerful interface, it offers quick access to crucial visualization details and essential operations. This guide will walk you through the main components of the Visualizations List.

      dashobard view

      1. Filter Search The Filter Search panel, located on the left side of the Visualizations List, allows for efficient navigation through your visualizations.

      dashobard view

      You can filter the list based on the following parameters:

      • Visualization Name: Filter by the name of the visualization.
      • Chart Type: Filter by the type of chart used in the visualization (e.g., bar, line, pie).
      • Source: Filter by the index pattern used for the visualization.
      • Created At: Filter by the date the visualization was created.
      • Modified At: Filter by the date the visualization was last updated.

      Each filter field helps refine the visualizations displayed, aiding in quickly locating the visualization you need.

      1. List of Visualizations The main body of the Visualizations List displays the visualizations available to you.

      dashobard view

      For each visualization, you’ll find:

      • Name: The unique identifier for the visualization.
      • Comments: Any additional comments or descriptions for the visualization.
      • Index Pattern: The specific data source pattern used in the visualization.
      • Last Modified: The date and time of the last update made to the visualization.
      • Action : Each visualization entry also has an Actions column, with buttons for:
        • Edit: Opens the visualization for modification.
        • Delete: Permanently removes the visualization from the list.
      1. Import Visualization The Import Visualization button allows you to import previously exported visualizations, facilitating easy replication of visualizations across different dashboards or UTMStack instances.

      2. New Visualization The New Visualization button opens the Visualization Editor, providing a platform to create custom visualizations from scratch. Here, you can define data source, set filters, and specify other parameters to build your visualization.

      dashobard view

      Understanding the Visualizations List’s components empowers you to manage your visualizations more effectively, leading to efficient monitoring and analysis processes within UTMStack.

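Review bot: the `-` and `+` sides of the `_site/UTMStackComponents/Dashboards/VisualizationList.html` hunk render to the same text, so the change is confined to markup not shown here; the visible content still has list numbering that restarts ("1. Filter Search", "1. List of Visualizations", "1. Import Visualization", then "2. New Visualization"), the alt text "dashobard view", and "Action :" with a stray space before the colon. Since `_site/` is build output, these belong in the source markdown fix rather than a hand edit of the HTML.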
      diff --git a/_site/UTMStackComponents/Incidents/IncidentResponseAutomation.html b/_site/UTMStackComponents/Incidents/IncidentResponseAutomation.html index 866072d..826f19c 100644 --- a/_site/UTMStackComponents/Incidents/IncidentResponseAutomation.html +++ b/_site/UTMStackComponents/Incidents/IncidentResponseAutomation.html @@ -1 +1 @@ - Incident Response Automation | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Incident Response Automation

      The Incident Response Automation feature in UTMStack empowers organizations to automate actions based on triggers in incident fields. This functionality enhances the efficiency and effectiveness of the incident response strategy by executing predefined actions automatically. By leveraging triggers and actions, organizations can streamline and expedite the incident response process.

      Incident Response Dashboard View

      Dashboard View

      Incidents response Automation Grid

      The Incidents response Automation Grid is a pivotal component of the Incident Response page, providing a comprehensive snapshot of all Inciden Response Automation Rules. Each row or entry within the grid pertains to a unique command execution and unveils key details such as:

      • Rule name: Identifies the rule name.
      • Status: Represents the status of the rule (active, inactive).
      • Description: Provides a description of the rule.
      • Modify By: Displays the name of the last user who modified the rule.
      • Modify At: Shows the date of the last modification of the rule.
      • Trigger Condition: Indicates the total number of conditions used for this rule.
      • Command: Displays a preview of the instruction that is going to be executed.
      • Platform: Specifies the platform where the command is going to be executed.
      • Action: Provides options to edit or delete the automation rule.

      Filters

      To expedite the search for specific automation rules, the Incident Response Automation page features a Filters section. This allows users to refine the command list based on parameters such as status, platform, user, or rule name.

      Automation Rule Details

      Clicking on an automation rule opens a new window displaying the automation rule details.

      Automation Rule Details

      The details include:

      • Description: Provides a description of the automation rule.
      • Execute on agents with: Specifies the required operating system to execute the command.
      • Excluding: Lists the agents excluded from the execution.
      • Trigger when: Describes the rule conditions based on the incident fields that trigger the execution.
      • Execution Command: Displays the command that is going to be executed when the alert triggers.
      • Rule History: Shows the history of changes for the Rule.

      Create Automation Rule

      The ‘Create Automation’ button at the top-right corner of the dashboard provides an option to create a new automation rule. It guides users through the steps for creating an Incident Response Automation.

      Create Automation Rule

      Step 1: Automation Information

      Step 1: Automation Information

      The first step is to provide a name and description for the automation rule. Both can contain spaces.

      Step 2: Trigger Configuration

      Step 2: Trigger Configuration

      The second step is to configure the conditions for executing the command. Users can add multiple conditions based on the incident fields. The conditions are exact matches.

      Users can also specify the agent platform where the command will be executed and exclude any specific agents if desired.

      Step 3: Action Configuration

      Step 3: Action Configuration

      The last step is to define the action through a command line that will be executed on the device. By pressing the TAB key, users can access alert fields and incorporate them into the command execution by simply clicking on them.

      Conclusion

      By automating actions based on incident triggers, organizations can streamline their incident response process, reduce response times, minimize errors, and ensure consistent and standardized incident handling. The Incident Response Automation feature empowers organizations to enhance their incident response capabilities and mitigate the impact of security incidents more efficiently.

      + Incident Response Automation | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Incident Response Automation

      The Incident Response Automation feature in UTMStack empowers organizations to automate actions based on triggers in incident fields. This functionality enhances the efficiency and effectiveness of the incident response strategy by executing predefined actions automatically. By leveraging triggers and actions, organizations can streamline and expedite the incident response process.

      Incident Response Dashboard View

      Dashboard View

      Incidents response Automation Grid

      The Incidents response Automation Grid is a pivotal component of the Incident Response page, providing a comprehensive snapshot of all Inciden Response Automation Rules. Each row or entry within the grid pertains to a unique command execution and unveils key details such as:

      • Rule name: Identifies the rule name.
      • Status: Represents the status of the rule (active, inactive).
      • Description: Provides a description of the rule.
      • Modify By: Displays the name of the last user who modified the rule.
      • Modify At: Shows the date of the last modification of the rule.
      • Trigger Condition: Indicates the total number of conditions used for this rule.
      • Command: Displays a preview of the instruction that is going to be executed.
      • Platform: Specifies the platform where the command is going to be executed.
      • Action: Provides options to edit or delete the automation rule.

      Filters

      To expedite the search for specific automation rules, the Incident Response Automation page features a Filters section. This allows users to refine the command list based on parameters such as status, platform, user, or rule name.

      Automation Rule Details

      Clicking on an automation rule opens a new window displaying the automation rule details.

      Automation Rule Details

      The details include:

      • Description: Provides a description of the automation rule.
      • Execute on agents with: Specifies the required operating system to execute the command.
      • Excluding: Lists the agents excluded from the execution.
      • Trigger when: Describes the rule conditions based on the incident fields that trigger the execution.
      • Execution Command: Displays the command that is going to be executed when the alert triggers.
      • Rule History: Shows the history of changes for the Rule.

      Create Automation Rule

      The ‘Create Automation’ button at the top-right corner of the dashboard provides an option to create a new automation rule. It guides users through the steps for creating an Incident Response Automation.

      Create Automation Rule

      Step 1: Automation Information

      Step 1: Automation Information

      The first step is to provide a name and description for the automation rule. Both can contain spaces.

      Step 2: Trigger Configuration

      Step 2: Trigger Configuration

      The second step is to configure the conditions for executing the command. Users can add multiple conditions based on the incident fields. The conditions are exact matches.

      Users can also specify the agent platform where the command will be executed and exclude any specific agents if desired.

      Step 3: Action Configuration

      Step 3: Action Configuration

      The last step is to define the action through a command line that will be executed on the device. By pressing the TAB key, users can access alert fields and incorporate them into the command execution by simply clicking on them.

      Conclusion

      By automating actions based on incident triggers, organizations can streamline their incident response process, reduce response times, minimize errors, and ensure consistent and standardized incident handling. The Incident Response Automation feature empowers organizations to enhance their incident response capabilities and mitigate the impact of security incidents more efficiently.

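Review bot: Step 3 in the `_site/UTMStackComponents/Incidents/IncidentResponseAutomation.html` hunk ("define the action through a command line that will be executed on the device ... access alert fields and incorporate them into the command execution") does not say how the interpolated alert-field values are quoted or escaped before the command runs on the agent; because those fields originate in log and alert data, the documentation should state the escaping behaviour (or that values are passed as quoted arguments) so administrators can judge which fields are safe to place in a command. Separately, the visible text has "Inciden Response Automation Rules", the inconsistently capitalised heading "Incidents response Automation Grid", and "Modify By"/"Modify At" where "Modified By"/"Modified At" is meant; the `-` and `+` sides render identically, so these need a fix in the source markdown, not in the generated HTML.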
      diff --git a/_site/UTMStackComponents/Incidents/Incidents.html b/_site/UTMStackComponents/Incidents/Incidents.html index fe58618..5aa7bdc 100644 --- a/_site/UTMStackComponents/Incidents/Incidents.html +++ b/_site/UTMStackComponents/Incidents/Incidents.html @@ -1 +1 @@ - Incidents | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Incident Managment

      The Incident Management page is a crucial component of the UTMStack platform, dedicated to providing a comprehensive overview of all incidents within your organization. Designed to echo the layout and functionality of the Threat Management’s Alert page, it ensures a seamless and consistent user experience across different modules.

      dashobard view

      Data Grid

      The heart of the Incident Management page is the Data Grid. This is where you’ll find all the alerts escalated to incidents. Each row signifies a unique incident, providing crucial information like the incident’s name, severity, status, proposed solution, and the action taken. The grid’s contents can be sorted based on any field, allowing for a customized, user-specific view for easier navigation and handling.

      Filters

      On the Incident page, the Filters section lets you drill down on specific incidents based on chosen criteria. Filterable fields include name, ID, severity, and status. This allows you to quickly find and respond to the most urgent incidents, enhancing your organization’s incident response capabilities.

      Operations

      The Incident Management page extends its functionality by allowing you to perform several key operations on each incident. These include updating the incident’s status, adding notes for context, and executing a command for mitigation or resolution. This set of functionalities optimizes your incident response process, ensuring it remains efficient and effective.

      dashobard view

      By clicking on an incident, a window appears on the right side presenting detailed information about the incident, as well as alerts related to it. From this view, you can perform operations on the incident, inspect its history, or analyze associated alerts.

      dashobard view

      This consolidated view of incidents and related alerts boosts your understanding of the security incident landscape, aiding in faster and more informed decision-making.

      + Incidents | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Incident Managment

      The Incident Management page is a crucial component of the UTMStack platform, dedicated to providing a comprehensive overview of all incidents within your organization. Designed to echo the layout and functionality of the Threat Management’s Alert page, it ensures a seamless and consistent user experience across different modules.

      dashobard view

      Data Grid

      The heart of the Incident Management page is the Data Grid. This is where you’ll find all the alerts escalated to incidents. Each row signifies a unique incident, providing crucial information like the incident’s name, severity, status, proposed solution, and the action taken. The grid’s contents can be sorted based on any field, allowing for a customized, user-specific view for easier navigation and handling.

      Filters

      On the Incident page, the Filters section lets you drill down on specific incidents based on chosen criteria. Filterable fields include name, ID, severity, and status. This allows you to quickly find and respond to the most urgent incidents, enhancing your organization’s incident response capabilities.

      Operations

      The Incident Management page extends its functionality by allowing you to perform several key operations on each incident. These include updating the incident’s status, adding notes for context, and executing a command for mitigation or resolution. This set of functionalities optimizes your incident response process, ensuring it remains efficient and effective.

      dashobard view

      By clicking on an incident, a window appears on the right side presenting detailed information about the incident, as well as alerts related to it. From this view, you can perform operations on the incident, inspect its history, or analyze associated alerts.

      dashobard view

      This consolidated view of incidents and related alerts boosts your understanding of the security incident landscape, aiding in faster and more informed decision-making.

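Review bot: the heading "Incident Managment" in the `_site/UTMStackComponents/Incidents/Incidents.html` hunk is misspelled on both the `-` and `+` sides (the rendered text of the two sides is otherwise identical), and the alt text "dashobard view" repeats; correct both in the source markdown so the regenerated `_site/` output picks them up.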
      diff --git a/_site/UTMStackComponents/Incidents/README.html b/_site/UTMStackComponents/Incidents/README.html index 3178bdc..a404014 100644 --- a/_site/UTMStackComponents/Incidents/README.html +++ b/_site/UTMStackComponents/Incidents/README.html @@ -1 +1 @@ - Incident Management | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Incident Management Module

      The Incident Management Module stands as a vital component of UTMStack, meticulously designed to address and manage any incidents surfacing within your organization’s digital domain. This module bifurcates into two primary sections: Incident Management and Incident Response.

      Dashboard View

      Incidents

      In the Incident Management segment, you’re equipped with tools to manage, track, and effectively resolve incidents identified within your organizational framework. This section is not just about managing individual incidents. You can cluster a set of alerts to form an incident or even append new alerts to pre-existing incidents. This holistic approach ensures that your security teams efficiently navigate the incident lifecycle, stretching from the initial detection, effective classification, right up to its conclusive resolution.

      Incident Response Automation

      Bolster your incident response strategy with the Incident Response Automation feature. This capability allows your organization to deploy automated actions conditioned on specific triggers present in incident fields. Harnessing this automation not only elevates the pace but also boosts the precision and uniformity of your incident response mechanism. It strategically offloads mundane tasks, allowing your team to channel their focus on mission-critical activities, thus curtailing the adverse aftermath of security breaches.


      Table of contents

      + Incident Management | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Incident Management Module

      The Incident Management Module stands as a vital component of UTMStack, meticulously designed to address and manage any incidents surfacing within your organization’s digital domain. This module bifurcates into two primary sections: Incident Management and Incident Response.

      Dashboard View

      Incidents

      In the Incident Management segment, you’re equipped with tools to manage, track, and effectively resolve incidents identified within your organizational framework. This section is not just about managing individual incidents. You can cluster a set of alerts to form an incident or even append new alerts to pre-existing incidents. This holistic approach ensures that your security teams efficiently navigate the incident lifecycle, stretching from the initial detection, effective classification, right up to its conclusive resolution.

      Incident Response Automation

      Bolster your incident response strategy with the Incident Response Automation feature. This capability allows your organization to deploy automated actions conditioned on specific triggers present in incident fields. Harnessing this automation not only elevates the pace but also boosts the precision and uniformity of your incident response mechanism. It strategically offloads mundane tasks, allowing your team to channel their focus on mission-critical activities, thus curtailing the adverse aftermath of security breaches.


      Table of contents

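Review bot: in the `_site/UTMStackComponents/Incidents/README.html` hunk the intro names the two sections "Incident Management and Incident Response" while the heading that follows is "Incident Response Automation"; use the same name in both places so the overview matches the navigation. The "Table of contents" heading renders with no entries in the extracted text on either side, which is worth checking in the built page, and since the `-` and `+` text is otherwise identical the change here is markup-only.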
      diff --git a/_site/UTMStackComponents/Log Explorer/README.html b/_site/UTMStackComponents/Log Explorer/README.html index 17118f8..db9d3b5 100644 --- a/_site/UTMStackComponents/Log Explorer/README.html +++ b/_site/UTMStackComponents/Log Explorer/README.html @@ -1 +1 @@ - Log Explorer Module | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Log Explorer Module

      The Log Explorer Module, a central element of UTMStack, is purpose-built to deliver an exhaustive and comprehensive view of an organization’s log data. This dynamic, highly interactive tool is engineered to provide real-time visibility into log data, allowing for immediate filtering and nuanced analysis. Its central role in the proactive monitoring and effective management of network activities is indispensable to a well-maintained cybersecurity infrastructure.

      vm settings

      Overview

      The Log Explorer interface has been thoughtfully designed for seamless navigation and efficient functionality. The module’s centerpiece is the Data Grid, a feature offering an extensive view of an organization’s log data based on the defined datasource and query. This enables a logical grouping of queries based on user-defined filters, and the capacity to open multiple tabs for various queries. This level of customization empowers users to save their search criteria for future use, making the tool adaptable and time-efficient.

      In a concerted effort to make data analysis as user-friendly as possible, the Log Explorer module provides visually intuitive representations of logs. Interactive charts and graphs facilitate an at-a-glance understanding of data trends and patterns, simplifying the task of data interpretation.

      1. Source

      A key aspect of the Log Explorer module is the source functionality. Serving as a crucial data filtering tool, it lets users narrow down their search to specific index patterns. For instance, users can confine their search, for example, to logs originating from Office365 exclusively, thereby eliminating unnecessary data noise.

      In addition, this module offers the flexibility to create custom index patterns or sources. This allows users to define search parameters that cater to their specific needs, providing a level of personalization that ensures a more targeted and efficient search experience.

      2. Filters

      Serving as the backbone of the Log Explorer, the filtering functionality offers comprehensive data parsing based on the user’s search requirements. Filters can be defined to track logs from a specific computer, or to isolate logs pertaining to a specific operation, such as a log-in event. The versatility of these filters provides an unparalleled level of control over data analysis.

      vm settings

      The Log Explorer module simplifies filter creation by providing the option to add a filter based on a specific log field with a single click. This degree of simplicity ensures that users can focus more on the analysis and less on the process.

      3. Data Grid

      The Data Grid is where the bulk of log information can be viewed, offering users the choice of viewing the data in a table or chart format. This visualization is predicated on a selected field, allowing for a high degree of customization. Users can also define the columns they want to see in the Table mode view, either through the Select fields option on the left, or by directly selecting a field in the log.

      vm settings

      4 The Log

      The Log section offers a comprehensive view of all log information, ranging from agent_id, process name, to the source IP. This data can be viewed in two ways – either in a table view or in a JSON mode – depending on the user’s preference.

      vm settings

      The Table mode offers the added benefit of allowing the user to add filters based on the field and value of a specific log, or to create a column in the Data Grid table based on a specific field.

      4.1 Options

      Each log field within the Log Explorer module provides two key options for users:

      • Adding a filter: Based on the field and value of a specific log, users can swiftly add a filter. This feature further fine-tunes the data presented in the Data Grid, refining the log data to fit the user’s specific needs.

      • Creating a column: Users can choose to create a new column in the Data Grid Table based on the field. This feature allows for immediate visibility and accessibility of key data points.

      vm settings

      5. Personalize Fields

      You can also add or remove columns in the Data Grid view, based on the fields of the logs.

      vm settings

      5. Save the information

      Users can refresh their data, save the current query for future use, or export the current data to a CSV file for offline analysis.

      vm settings

      For example, a filter to view all Office365 log-in activities could be saved for future use, negating the need to repeat the filter creation process.

      The option to view and manage stored queries also ensures that past investigations can be revisited with ease.

      By offering these customizable options, the Log Explorer module delivers an adaptable interface that caters to the specific requirements of individual users. Whether it’s streamlining data analysis by focusing on certain values or enhancing visibility of crucial data, these options ensure a more efficient and tailored log exploration experience.

      Office 365 Login Failure Analysis: Step-by-Step Guide Example

      This example provides a comprehensive guide on how to utilize the Log Explorer module to create, configure, and save a query that focuses on all login failure events within Office 365 logs.

      Step 1. Source Selection

      In the Source field, type and select “log-o365-*” from the dropdown list. This sets the data source to all Office 365 logs.

      vm settings

      Step 2. Filter Configuration:

      a. Click on the ‘Add Filter’ button.

      b. In the Field dropdown, find and select logx.o365.Operation.keyword.

      c. In the Operator dropdown, select is.

      d. Type UserLoginFailed in the Value input box, indicating a login failure in your log system. Click Add Filter to apply this filter.

      vm settings

      After these steps, all the logs about User login failures in Office 365 are displayed. Users can now personalize the columns they see for an easy overview.

      Step 3. Column Selection

      Option A:

      a. Click on the ‘Select fields’ on the left side of the Data Grid.

      b. From the dropdown list, find and select “Userid”, “Workload”, and “AuthenticationType”.

      vm settings

      Option B:

      a. In the Log list, switch to the Table mode view.

      b. From the field list, find and press the table icon next to the fields “userid”, “workload”, and “authenticationType”.

      vm settings

      These fields will be added to your Data Grid view.

      vm settings

      Save Query

      Once your filters and columns are set up, click on the ‘Save’ button at the top right corner of the Data Grid.

      b. In the pop-up box, give your query a unique name, such as “Office365 Login Failures”, and provide a brief description if needed. Click ‘Save’ to finalize the process.

      vm settings

      Now, you can go to the Query List view by clicking the Queries button in the top right corner and use that query whenever you need.

      vm settings

      + Log Explorer Module | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Log Explorer Module

      The Log Explorer Module, a central element of UTMStack, is purpose-built to deliver an exhaustive and comprehensive view of an organization’s log data. This dynamic, highly interactive tool is engineered to provide real-time visibility into log data, allowing for immediate filtering and nuanced analysis. Its central role in the proactive monitoring and effective management of network activities is indispensable to a well-maintained cybersecurity infrastructure.

      vm settings

      Overview

      The Log Explorer interface has been thoughtfully designed for seamless navigation and efficient functionality. The module’s centerpiece is the Data Grid, a feature offering an extensive view of an organization’s log data based on the defined datasource and query. This enables a logical grouping of queries based on user-defined filters, and the capacity to open multiple tabs for various queries. This level of customization empowers users to save their search criteria for future use, making the tool adaptable and time-efficient.

      In a concerted effort to make data analysis as user-friendly as possible, the Log Explorer module provides visually intuitive representations of logs. Interactive charts and graphs facilitate an at-a-glance understanding of data trends and patterns, simplifying the task of data interpretation.

      1. Source

      A key aspect of the Log Explorer module is the source functionality. Serving as a crucial data filtering tool, it lets users narrow down their search to specific index patterns. For instance, users can confine their search, for example, to logs originating from Office365 exclusively, thereby eliminating unnecessary data noise.

      In addition, this module offers the flexibility to create custom index patterns or sources. This allows users to define search parameters that cater to their specific needs, providing a level of personalization that ensures a more targeted and efficient search experience.

      2. Filters

      Serving as the backbone of the Log Explorer, the filtering functionality offers comprehensive data parsing based on the user’s search requirements. Filters can be defined to track logs from a specific computer, or to isolate logs pertaining to a specific operation, such as a log-in event. The versatility of these filters provides an unparalleled level of control over data analysis.

      vm settings

      The Log Explorer module simplifies filter creation by providing the option to add a filter based on a specific log field with a single click. This degree of simplicity ensures that users can focus more on the analysis and less on the process.

      3. Data Grid

      The Data Grid is where the bulk of log information can be viewed, offering users the choice of viewing the data in a table or chart format. This visualization is predicated on a selected field, allowing for a high degree of customization. Users can also define the columns they want to see in the Table mode view, either through the Select fields option on the left, or by directly selecting a field in the log.

      vm settings

      4 The Log

      The Log section offers a comprehensive view of all log information, ranging from agent_id, process name, to the source IP. This data can be viewed in two ways – either in a table view or in a JSON mode – depending on the user’s preference.

      vm settings

      The Table mode offers the added benefit of allowing the user to add filters based on the field and value of a specific log, or to create a column in the Data Grid table based on a specific field.

      4.1 Options

      Each log field within the Log Explorer module provides two key options for users:

      • Adding a filter: Based on the field and value of a specific log, users can swiftly add a filter. This feature further fine-tunes the data presented in the Data Grid, refining the log data to fit the user’s specific needs.

      • Creating a column: Users can choose to create a new column in the Data Grid Table based on the field. This feature allows for immediate visibility and accessibility of key data points.

      vm settings

      5. Personalize Fields

      You can also add or remove columns in the Data Grid view, based on the fields of the logs.

      vm settings

      5. Save the information

      Users can refresh their data, save the current query for future use, or export the current data to a CSV file for offline analysis.

      vm settings

      For example, a filter to view all Office365 log-in activities could be saved for future use, negating the need to repeat the filter creation process.

      The option to view and manage stored queries also ensures that past investigations can be revisited with ease.

      By offering these customizable options, the Log Explorer module delivers an adaptable interface that caters to the specific requirements of individual users. Whether it’s streamlining data analysis by focusing on certain values or enhancing visibility of crucial data, these options ensure a more efficient and tailored log exploration experience.

      Office 365 Login Failure Analysis: Step-by-Step Guide Example

      This example provides a comprehensive guide on how to utilize the Log Explorer module to create, configure, and save a query that focuses on all login failure events within Office 365 logs.

      Step 1. Source Selection

      In the Source field, type and select “log-o365-*” from the dropdown list. This sets the data source to all Office 365 logs.

      vm settings

      Step 2. Filter Configuration:

      a. Click on the ‘Add Filter’ button.

      b. In the Field dropdown, find and select logx.o365.Operation.keyword.

      c. In the Operator dropdown, select is.

      d. Type UserLoginFailed in the Value input box, indicating a login failure in your log system. Click Add Filter to apply this filter.

      vm settings

      After these steps, all the logs about User login failures in Office 365 are displayed. Users can now personalize the columns they see for an easy overview.

      Step 3. Column Selection

      Option A:

      a. Click on the ‘Select fields’ on the left side of the Data Grid.

      b. From the dropdown list, find and select “Userid”, “Workload”, and “AuthenticationType”.

      vm settings

      Option B:

      a. In the Log list, switch to the Table mode view.

      b. From the field list, find and press the table icon next to the fields “userid”, “workload”, and “authenticationType”.

      vm settings

      These fields will be added to your Data Grid view.

      vm settings

      Save Query

      Once your filters and columns are set up, click on the ‘Save’ button at the top right corner of the Data Grid.

      b. In the pop-up box, give your query a unique name, such as “Office365 Login Failures”, and provide a brief description if needed. Click ‘Save’ to finalize the process.

      vm settings

      Now, you can go to the Query List view by clicking the Queries button in the top right corner and use that query whenever you need.

      vm settings

      diff --git a/_site/UTMStackComponents/Threat Management/AlertManagement.html b/_site/UTMStackComponents/Threat Management/AlertManagement.html index 7d7674d..0fecf17 100644 --- a/_site/UTMStackComponents/Threat Management/AlertManagement.html +++ b/_site/UTMStackComponents/Threat Management/AlertManagement.html @@ -1 +1 @@ - Alert Management | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Alert Management

      Welcome to the Alert Management Section. This resource is tailored to guide you through the nuances and intricacies of our Alert Management system. From the mechanisms of correlation rules and alert generation to severity classifications and data visualizations, this guide encapsulates it all.

      Dashboard View

      Introduction

      Alert Management isn’t just a component—it’s the bedrock of any effective security information and event management (SIEM) system. Its raison d’être lies in actively monitoring diverse data sources, pinpointing anomalies, detecting suspicious activities, and accordingly manifesting alerts in line with pre-configured correlation rules. The overarching objective? To empower organizations with actionable insights, ensuring the inviolability of their digital perimeter.

      Our Alert Management system is fueled by a state-of-the-art correlation engine. This dynamo tirelessly processes incoming data in real-time, juxtaposes it against a matrix of defined correlation rules, and depending on the potential risk magnitude, spawns an alert with a corresponding severity.

      This module acts as the nerve center for all alerts detected, showcasing pertinent details and allowing for effective alert handling. It’s not just a tool; it’s your vantage point to preemptively mitigate risks.

      1. Data Grid

      The heart of our Alert Management system, the Data Grid, is an interactive tableau of all detected alerts. It collates and exhibits salient details:

      • Rule Name: The specific set of conditions that birthed the alert.
      • Severity: The urgency quotient attached to the alert.
      • Status: A real-time status indicator—new, under review, or resolved.
      • Sensor: The data source or trigger point that sensed the potential jeopardy.

      The Data Grid, apart from its intuitive design, allows alerts to be catalogued based on any field, defaulting to a chronological hierarchy.

      Key Alert Operations

      Dive deeper with these pivotal operations:

      Converting an Alert to an Incident

      Not all alerts are born equal. Some demand heightened scrutiny. Use the ‘Create Incident’ feature to either instantiate a new incident from an alert or annex it to an existing incident. Once an alert graduates to an incident status, an automatic email dispatch takes place, notifying stakeholders listed in the UTMStack settings.

      Incident Creation

      Incident Detail

      Craving more on incidents? Dive into our Incident Guide.

      Tagging Alerts: Beyond the False Positive

      Hand-in-hand with alerts come false positives. Our system grants you the ability to create Tag Rules directly from alert fields, defaulting with the “False Positive” tag. Once tagged as a false positive through a rule, similar alerts won’t bombard your dashboard.

      Tag Rule Creation

      Distilling Alerts through Filters

      Harness the power of filters to refine your alert view. With a simple selection, morph your alert landscape based on attributes of your choice.

      Filter Selection

      Annotating Alerts

      Collaboration is key in any cybersecurity endeavor. The ability to annotate alerts allows teams to share insights, questions, or additional context regarding the nature and potential implications of an alert. These annotations act as collaborative markers, ensuring that team members operate with a common understanding of potential threats.

      Add Notes to Alerts

      2. Filter

      In a dynamic digital environment, the sheer volume of alerts can be overwhelming. The Filters section is designed to empower users with refined control over the alerts they see. By using powerful and customizable filtering tools, teams can focus on alerts that truly matter.

      Whether you’re zoning in on ‘High Severity’ alerts from a specific data source, or tracking down alerts generated by a particular rule, the Filter section offers you an unparalleled degree of specificity.

      Filters Overview

      Beyond the default set of filters, the Alert Management Module is flexible enough to allow customization. This means that as your organization’s needs evolve, so too can your filtering approach.

      Manage Filters

      Effective utilization of the Filters section not only simplifies alert management but also elevates your organization’s reactive and proactive security postures.

      3. Additional Alert Management Features

      Our Alert Management Module is brimming with features designed to ensure that you remain ahead of potential threats. At the top right of the module interface, you’ll find three primary functionalities: Save Report, Manage Tags, and View Tag Rules.

      Options Overview

      Save Report

      In some scenarios, offline analysis and record-keeping are indispensable. The ‘Save Report’ feature allows users to extract and download a comprehensive report of the alerts in a standard CSV format. Whether it’s a deep dive into the past week’s data or a broader look at alert trends, this feature facilitates flexible data export for any analytical or compliance need.

      Save Report Overview

      Manage Tags

      Tagging is more than just a labeling exercise—it’s about classification, prioritization, and quick identification. The ‘Manage Tags’ feature empowers users to define their taxonomy of tags, ensuring that alerts can be swiftly categorized and acted upon.

      Manage Tags Overview

      View Tag Rules

      Automation meets classification in the ‘View Tag Rules’ section. Here, you can define, review, and manage rules that automatically tag incoming alerts based on pre-set conditions. This auto-tagging not only streamlines alert handling but also introduces a degree of predictability in how alerts are categorized.

      Manage Tag Rules Further Tag Rule Management


      By embracing the full suite of features in our Alert Management Module, organizations can equip themselves to rapidly identify, classify, and react to potential threats. In a landscape where response time is paramount, we ensure you have the tools to stay ahead.

      + Alert Management | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Alert Management

      Welcome to the Alert Management Section. This resource is tailored to guide you through the nuances and intricacies of our Alert Management system. From the mechanisms of correlation rules and alert generation to severity classifications and data visualizations, this guide encapsulates it all.

      Dashboard View

      Introduction

      Alert Management isn’t just a component—it’s the bedrock of any effective security information and event management (SIEM) system. Its raison d’être lies in actively monitoring diverse data sources, pinpointing anomalies, detecting suspicious activities, and accordingly manifesting alerts in line with pre-configured correlation rules. The overarching objective? To empower organizations with actionable insights, ensuring the inviolability of their digital perimeter.

      Our Alert Management system is fueled by a state-of-the-art correlation engine. This dynamo tirelessly processes incoming data in real-time, juxtaposes it against a matrix of defined correlation rules, and depending on the potential risk magnitude, spawns an alert with a corresponding severity.

      This module acts as the nerve center for all alerts detected, showcasing pertinent details and allowing for effective alert handling. It’s not just a tool; it’s your vantage point to preemptively mitigate risks.

      1. Data Grid

      The heart of our Alert Management system, the Data Grid, is an interactive tableau of all detected alerts. It collates and exhibits salient details:

      • Rule Name: The specific set of conditions that birthed the alert.
      • Severity: The urgency quotient attached to the alert.
      • Status: A real-time status indicator—new, under review, or resolved.
      • Sensor: The data source or trigger point that sensed the potential jeopardy.

      The Data Grid, apart from its intuitive design, allows alerts to be catalogued based on any field, defaulting to a chronological hierarchy.

      Key Alert Operations

      Dive deeper with these pivotal operations:

      Converting an Alert to an Incident

      Not all alerts are born equal. Some demand heightened scrutiny. Use the ‘Create Incident’ feature to either instantiate a new incident from an alert or annex it to an existing incident. Once an alert graduates to an incident status, an automatic email dispatch takes place, notifying stakeholders listed in the UTMStack settings.

      Incident Creation

      Incident Detail

      Craving more on incidents? Dive into our Incident Guide.

      Tagging Alerts: Beyond the False Positive

      Hand-in-hand with alerts come false positives. Our system grants you the ability to create Tag Rules directly from alert fields, defaulting with the “False Positive” tag. Once tagged as a false positive through a rule, similar alerts won’t bombard your dashboard.

      Tag Rule Creation

      Distilling Alerts through Filters

      Harness the power of filters to refine your alert view. With a simple selection, morph your alert landscape based on attributes of your choice.

      Filter Selection

      Annotating Alerts

      Collaboration is key in any cybersecurity endeavor. The ability to annotate alerts allows teams to share insights, questions, or additional context regarding the nature and potential implications of an alert. These annotations act as collaborative markers, ensuring that team members operate with a common understanding of potential threats.

      Add Notes to Alerts

      2. Filter

      In a dynamic digital environment, the sheer volume of alerts can be overwhelming. The Filters section is designed to empower users with refined control over the alerts they see. By using powerful and customizable filtering tools, teams can focus on alerts that truly matter.

      Whether you’re zoning in on ‘High Severity’ alerts from a specific data source, or tracking down alerts generated by a particular rule, the Filter section offers you an unparalleled degree of specificity.

      Filters Overview

      Beyond the default set of filters, the Alert Management Module is flexible enough to allow customization. This means that as your organization’s needs evolve, so too can your filtering approach.

      Manage Filters

      Effective utilization of the Filters section not only simplifies alert management but also elevates your organization’s reactive and proactive security postures.

      3. Additional Alert Management Features

      Our Alert Management Module is brimming with features designed to ensure that you remain ahead of potential threats. At the top right of the module interface, you’ll find three primary functionalities: Save Report, Manage Tags, and View Tag Rules.

      Options Overview

      Save Report

      In some scenarios, offline analysis and record-keeping are indispensable. The ‘Save Report’ feature allows users to extract and download a comprehensive report of the alerts in a standard CSV format. Whether it’s a deep dive into the past week’s data or a broader look at alert trends, this feature facilitates flexible data export for any analytical or compliance need.

      Save Report Overview

      Manage Tags

      Tagging is more than just a labeling exercise—it’s about classification, prioritization, and quick identification. The ‘Manage Tags’ feature empowers users to define their taxonomy of tags, ensuring that alerts can be swiftly categorized and acted upon.

      Manage Tags Overview

      View Tag Rules

      Automation meets classification in the ‘View Tag Rules’ section. Here, you can define, review, and manage rules that automatically tag incoming alerts based on pre-set conditions. This auto-tagging not only streamlines alert handling but also introduces a degree of predictability in how alerts are categorized.

      Manage Tag Rules Further Tag Rule Management


      By embracing the full suite of features in our Alert Management Module, organizations can equip themselves to rapidly identify, classify, and react to potential threats. In a landscape where response time is paramount, we ensure you have the tools to stay ahead.

      diff --git a/_site/UTMStackComponents/Threat Management/FalsePositive.html b/_site/UTMStackComponents/Threat Management/FalsePositive.html index 97420eb..bd2dee2 100644 --- a/_site/UTMStackComponents/Threat Management/FalsePositive.html +++ b/_site/UTMStackComponents/Threat Management/FalsePositive.html @@ -1 +1 @@ - False Positive | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      False Positives in Alert Management

      In the realm of cybersecurity, not all alerts are indicative of genuine threats. Sometimes, alerts are triggered by benign activities or known behaviors which, while meeting the conditions of an alert rule, do not represent any malicious intent. Such alerts are termed as “False Positives”.

      Managing false positives is crucial for security operations. High numbers of false positives can overwhelm security teams, causing them to potentially overlook real threats. Moreover, consistent false alerts can desensitize teams to alerts in general, increasing the risk of missing genuine threats.

      Understanding the “False Positive” Tag

      In the Alert Management Module, users have the ability to tag alerts as “False Positive”. Once an alert is tagged as a false positive based on certain conditions, the system will recognize similar future alerts under those conditions as false positives and will not raise them as genuine threats.

      Practical Example: Geo-based False Positive Tagging

      Consider an user that belonw to your organization.The Alert Management System, based on certain conditions, might see unusual activity and raise alerts. However, given that the organization is aware of this benign interaction, these alerts are, in fact, false positives.

      To handle such a scenario, the organization can set a false positive rule:

      Step-by-Step Guide to Create a Geo-based False Positive Tag

      1. Navigate to the Alert Management Data Grid section in the Alert Management Module.
      2. Select the alert that you can extract the condicions to convert it in a false positive tag rule.
      3. Click on Create New Tag Rule.

      Tag Rule Creation

      1. From the available tags, select “False Positive”.
        1. Give a name and a description to the Rule.
      2. Set the condition as Equals and enter the name of the pc.
      3. Save the rule.

      Tag Rule Creation

      Once this rule is saved, any alert generated from activity originating from that PC will automatically be tagged as a false positive, ensuring that the security team is not inundated with unnecessary alerts.


      By effectively managing false positives, organizations can streamline their threat detection and response processes, ensuring that genuine threats don’t go unnoticed.

      + False Positive | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      False Positives in Alert Management

      In the realm of cybersecurity, not all alerts are indicative of genuine threats. Sometimes, alerts are triggered by benign activities or known behaviors which, while meeting the conditions of an alert rule, do not represent any malicious intent. Such alerts are termed as “False Positives”.

      Managing false positives is crucial for security operations. High numbers of false positives can overwhelm security teams, causing them to potentially overlook real threats. Moreover, consistent false alerts can desensitize teams to alerts in general, increasing the risk of missing genuine threats.

      Understanding the “False Positive” Tag

      In the Alert Management Module, users have the ability to tag alerts as “False Positive”. Once an alert is tagged as a false positive based on certain conditions, the system will recognize similar future alerts under those conditions as false positives and will not raise them as genuine threats.

      Practical Example: Geo-based False Positive Tagging

      Consider an user that belonw to your organization.The Alert Management System, based on certain conditions, might see unusual activity and raise alerts. However, given that the organization is aware of this benign interaction, these alerts are, in fact, false positives.

      To handle such a scenario, the organization can set a false positive rule:

      Step-by-Step Guide to Create a Geo-based False Positive Tag

      1. Navigate to the Alert Management Data Grid section in the Alert Management Module.
      2. Select the alert that you can extract the condicions to convert it in a false positive tag rule.
      3. Click on Create New Tag Rule.

      Tag Rule Creation

      1. From the available tags, select “False Positive”.
        1. Give a name and a description to the Rule.
      2. Set the condition as Equals and enter the name of the pc.
      3. Save the rule.

      Tag Rule Creation

      Once this rule is saved, any alert generated from activity originating from that PC will automatically be tagged as a false positive, ensuring that the security team is not inundated with unnecessary alerts.


      By effectively managing false positives, organizations can streamline their threat detection and response processes, ensuring that genuine threats don’t go unnoticed.

      diff --git a/_site/UTMStackComponents/Threat Management/README.html b/_site/UTMStackComponents/Threat Management/README.html index 7548f7d..71947fd 100644 --- a/_site/UTMStackComponents/Threat Management/README.html +++ b/_site/UTMStackComponents/Threat Management/README.html @@ -1 +1 @@ - Threat Management | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Threat Management Module

      The Threat Management Module is a vital component of the UTMStack, serving as the primary interface for security engineers and analysts. It offers a comprehensive and real-time view of all security events and potential threats within your organization.

      When the UTMStack engine detects an event or anything that could be considered a threat, it is immediately directed to this module. This facilitates real-time threat detection and management, providing a continually updated overview of the security landscape within your organization.

      The module is split into two key sections:

      • Alert Managment: This is where all alerts detected by the UTMStack engine are collated and presented for your analysis and action.
      • Taggin Rules: This is where you can manage the rules for tagging specific alerts, aiding in efficient classification and tracking of recurrent incidents.

      Additionally, the module comes equipped with an array of predefined alert options. These filters can provide quick views of alerts based on various criteria, such as the source (like Azure or Windows) or the alert classification (such as false positives).

      dashobard view


      Table of contents

      + Threat Management | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      Threat Management Module

      The Threat Management Module is a vital component of the UTMStack, serving as the primary interface for security engineers and analysts. It offers a comprehensive and real-time view of all security events and potential threats within your organization.

      When the UTMStack engine detects an event or anything that could be considered a threat, it is immediately directed to this module. This facilitates real-time threat detection and management, providing a continually updated overview of the security landscape within your organization.

      The module is split into two key sections:

      • Alert Managment: This is where all alerts detected by the UTMStack engine are collated and presented for your analysis and action.
      • Taggin Rules: This is where you can manage the rules for tagging specific alerts, aiding in efficient classification and tracking of recurrent incidents.

      Additionally, the module comes equipped with an array of predefined alert options. These filters can provide quick views of alerts based on various criteria, such as the source (like Azure or Windows) or the alert classification (such as false positives).

      dashobard view


      Table of contents
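Review bot: The removed and added versions of this page show identical text ("Threat Management Module" through "Table of contents"), so the change to this generated `_site` file appears to be whitespace or markup only and adds review noise; consider leaving generated output out of source-changing commits or regenerating it in CI. Either way, the misspellings "Alert Managment", "Taggin Rules" and "dashobard view" survive in the new version and should be corrected in the Threat Management README markdown source ("Alert Management", "Tagging Rules", "dashboard view").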

      diff --git a/_site/assets/js/search-data.json b/_site/assets/js/search-data.json index 7c90159..363b948 100644 --- a/_site/assets/js/search-data.json +++ b/_site/assets/js/search-data.json 
@@ -370,43 +370,43 @@ "relUrl": "/UTMStackComponents/Incidents/IncidentResponseAutomation.html#incident-response-dashboard-view" },"53": { - "doc": "Predefined playbooks", - "title": "Predefined playbooks of incident response actions", - "content": " ", - "url": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#predefined-playbooks-of-incident-response-actions", + "doc": "Examples playbooks", + "title": "Examples of incident response playbooks", + "content": "In this section, we offer examples of incident response playbooks tailored for Ubuntu systems, designed to assist system administrators and security professionals in effectively managing security incidents. ", + "url": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#examples-of-incident-response-playbooks", - "relUrl": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#predefined-playbooks-of-incident-response-actions" + "relUrl": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#examples-of-incident-response-playbooks" },"54": { - "doc": "Predefined playbooks", + "doc": "Examples playbooks", "title": "Shutdown Machine", "content": "Use Case: An alert is triggered indicating a high-severity unauthorized access attempt to a critical server. The protocol used is SSH, and the intrusion detection system generated the alert. The source of the attempt is identified with a hostname of attacker.example.com, an IP address of 192.0.2.1, and is coming from the US with ASN 12345 on port 22. Response: . shutdown -h now . ", "url": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#shutdown-machine", "relUrl": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#shutdown-machine" },"55": { - "doc": "Predefined playbooks", + "doc": "Examples playbooks", "title": "Block User", "content": "Use Case: An alert for a brute force attack is generated due to multiple failed login attempts via SSH. 
The alert is active, with high severity, and the source is attacker.example.com from IP 192.0.2.1 in the US with ASN 12345 on port 22. Response: . usermod -L ${source.user} . ", "url": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#block-user", "relUrl": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#block-user" },"56": { - "doc": "Predefined playbooks", + "doc": "Examples playbooks", "title": "Block IP", "content": "Use Case Suspicious network traffic is detected by the firewall, triggering an alert categorized as network scanning with high severity. The traffic is on TCP protocol from scanner.example.com with IP 192.0.2.1 from CN with ASN 23456 on port 80. Response: . iptables -A INPUT -s ${source.ip} -j DROP . ", "url": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#block-ip", "relUrl": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#block-ip" },"57": { - "doc": "Predefined playbooks", + "doc": "Examples playbooks", "title": "Block IP in Firewall", "content": "Use Case: An alert of high-severity suspicious firewall traffic categorized as network scanning is triggered. The alert indicates traffic from scanner.example.com with IP 192.0.2.1 from CN with ASN 23456 on port 80. Response: . # Connection to the firewall ssh admin@firewall.example.com # Command to block the IP in ufw firewall ufw deny from ${source.ip} . ", "url": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#block-ip-in-firewall", "relUrl": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html#block-ip-in-firewall" },"58": { - "doc": "Predefined playbooks", - "title": "Predefined playbooks", + "doc": "Examples playbooks", + "title": "Examples playbooks", "content": " ", "url": "/UTMStackComponents/Incidents/IncidentResponsePredefinedExamples.html", 
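Review bot: The new "doc" and "title" value "Examples playbooks" is ungrammatical; use "Example playbooks" and change the front matter `title:` in IncidentResponsePredefinedExamples.md to match so the regenerated index agrees with the page. The indexed playbook content is unchanged in this hunk but deserves a caveat in the source page: the responses interpolate alert fields into shell commands (`usermod -L ${source.user}`, `iptables -A INPUT -s ${source.ip} -j DROP`), so the page should state how those fields are validated or quoted before execution; locking `${source.user}` on a brute-force alert locks whichever account name appears in the failed attempts, so administrative accounts should be excluded; and `shutdown -h now` on a critical server in reaction to a single access-attempt alert is a self-inflicted outage risk that should require analyst confirmation rather than run automatically.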
@@ -687,7 +687,7 @@ },"98": { "doc": "Master Server Setup Guide", "title": "Step 7: Accessing the UTMStack Platform", - "content": "Once you have successfully installed the UTMStack master server, you can now access the platform and start using it for your cybersecurity needs. Follow these steps to log in to the UTMStack platform: . Open your preferred web browser. Enter the HTTPS URL of your server’s name or IP address in the browser’s address bar. For example, if your server’s IP address is 192.168.0.100, you would enter https://192.168.0.100. Press Enter to load the UTMStack login page. Once UTMStack is installed, use admin as the user and the password generated during the installation for the default user to login. You can find the password and other generated configurations in /root/UTMStack. Note: Use HTTPS in front of your server name or IP to access the login page. Default Login Credentials: . User: utmstack, Password: utmstack . Click on the “Sign In” button to authenticate and access the UTMStack platform. ", + "content": "Once you have successfully installed the UTMStack master server, you can now access the platform and start using it for your cybersecurity needs. Follow these steps to log in to the UTMStack platform: . Open your preferred web browser. Enter the HTTPS URL of your server’s name or IP address in the browser’s address bar. For example, if your server’s IP address is 192.168.0.100, you would enter https://192.168.0.100. Press Enter to load the UTMStack login page. Once UTMStack is installed, use admin as the user and the password generated during the installation for the default user to login. You can find the password and other generated configurations in /root/UTMStack. Note: Use HTTPS in front of your server name or IP to access the login page. Default credentials for Ubuntu Server when using the ISO installer: . User: utmstack Password: utmstack . Click on the “Sign In” button to authenticate and access the UTMStack platform. 
", "url": "/Installation/MasterServerInstallation.html#step-7-accessing-the-utmstack-platform", "relUrl": "/Installation/MasterServerInstallation.html#step-7-accessing-the-utmstack-platform" @@ -1191,7 +1191,7 @@ },"170": { "doc": "System Requirements", "title": "Master Server Specifications:", - "content": "The Master server undertakes the task of overseeing and orchestrating the UTMStack platform. Below is a tabulation of the recommended specifications for the hot log storage: . | Data Sources (Approx. Monthly Data) | Cores | RAM | Disk Space | . | 50 (100 GB) | 4 | 8 GB | 150 GB | . | 120 (250 GB) | 8 | 16 GB | 250 GB | . | 240 (500 GB) | 16 | 32 GB | 450 GB | . You have the flexibility to mix and match these tiers based on the number of devices you have and your preferred hot log storage duration. ", + "content": "The Master server undertakes the task of overseeing and orchestrating the UTMStack platform. Below is a tabulation of the recommended specifications for the hot log storage: . | Data Sources (Approx. Monthly Data) | Cores | RAM | Disk Space | . | 50 (100 GB) | 4 | 12 GB | 150 GB | . | 120 (250 GB) | 8 | 16 GB | 250 GB | . | 240 (500 GB) | 16 | 32 GB | 450 GB | . You have the flexibility to mix and match these tiers based on the number of devices you have and your preferred hot log storage duration. ", "url": "/Installation/SystemRequirements.html#master-server-specifications", "relUrl": "/Installation/SystemRequirements.html#master-server-specifications" 
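Review bot: In the @@ -687 hunk the new wording "Default credentials for Ubuntu Server when using the ISO installer: . User: utmstack Password: utmstack" still sits directly after the instruction to log in as admin with the password generated during installation, so the step reads as two conflicting sets of default credentials; say explicitly that utmstack/utmstack is the operating-system login of the ISO image, not the UTMStack web login, and that it should be changed after first boot. In the @@ -1191 hunk the RAM for the 50-source tier changes from 8 GB to 12 GB in the generated search index only; confirm the SystemRequirements markdown source carries the same value in this change so the rendered page and the search index do not drift apart.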
@@ -1275,7 +1275,7 @@ },"182": { "doc": "Integrations", "title": "UTMStack Integrations", - "content": "UTMStack comes out of the box with a wide range of built-in integrations for most mainstream technologies. Enabling an integration allows UTMStack to correlate logs coming from the corresponding data source on your network and detecting threats reliably. Each specific integration has its own guide. Our team is always working on a new integration, but here is the list of what we have developed so far: . | No. | Name |   | . | 1 | VMWare Syslog | | . | 2 | Windows Agent | | . | 3 | Syslog | | . | 4 | Linux Agent | | . | 5 | SOC AI | | . | 6 | ESET Endpoint Protection | | . | 7 | Kaspersky Security | | . | 8 | Bitdefender | | . | 9 | Traefik | | . | 10 | Google Cloud Platform | | . | 11 | AWS Cloudwatch | | . | 12 | Office365 | | . | 13 | Azure | | . | 14 | Logstash | | . | 15 | MongoDB | | . | 16 | MySQL | | . | 17 | Redis | | . | 18 | Kafka | | . | 19 | Elasticsearch | | . | 20 | PostgreSQL | | . | 21 | Kibana | | . | 22 | Cisco Switch | | . | 23 | Cisco ASA | | . | 24 | Cisco Meraki | | . | 25 | FortiGate | | . | 26 | Sophos XG | | . | 27 | Fire Power | | . | 28 | MikroTik | | . | 29 | Palo Alto | | . | 30 | SonicWall | | . | 31 | GitHub | | . | 32 | Nats | | . | 33 | Json Input | | . | 34 | MacOS | | . | 35 | OsQuery | | . | 36 | Linux Auditing Demon | | . | 37 | Deceptive Bytes | | . | 38 | High Availability Proxy | | . | 39 | File Classification | | . | 40 | Apache | | . | 41 | Internet Information Services | | . | 42 | Nginx | | . | 43 | Sophos Central | | . | 44 | SentinelOne Endpoint Security | | . | 45 | IBM AS400 | | . | 46 | UFW | | . | 47 | Rsyslog | | . | 48 | Netflow | | . | 59 | Salesforce | | . | 50 | Suricata | | . | 51 | Wazuh | | . | 52 | ESET NOD32 | | . | 53 | FortiWeb | | . | 54 | IBM AIX | | . | 55 | Check Point | | . | 56 | pfSense | | . 
", + "content": "UTMStack comes out of the box with a wide range of built-in integrations for most mainstream technologies. Enabling an integration allows UTMStack to correlate logs coming from the corresponding data source on your network and detecting threats reliably. Each specific integration has its own guide. Our team is always working on a new integration, but here is the list of what we have developed so far: . | No. | Name |   | . | 1 | VMWare Syslog | | . | 2 | Windows Agent | | . | 3 | Syslog | | . | 4 | Linux Agent | | . | 5 | SOC AI | | . | 6 | ESET Endpoint Protection | | . | 7 | Kaspersky Security | | . | 8 | Bitdefender | | . | 9 | Traefik | | . | 10 | Google Cloud Platform | | . | 11 | AWS Cloudwatch | | . | 12 | Office365 | | . | 13 | Azure | | . | 14 | Logstash | | . | 15 | MongoDB | | . | 16 | MySQL | | . | 17 | Redis | | . | 18 | Kafka | | . | 19 | Elasticsearch | | . | 20 | PostgreSQL | | . | 21 | Kibana | | . | 22 | Cisco Switch | | . | 23 | Cisco ASA | | . | 24 | Cisco Meraki | | . | 25 | FortiGate | | . | 26 | Sophos XG | | . | 27 | Fire Power | | . | 28 | MikroTik | | . | 29 | Palo Alto | | . | 30 | SonicWall | | . | 31 | GitHub | | . | 32 | Nats | | . | 33 | Json Input | | . | 34 | MacOS | | . | 35 | OsQuery | | . | 36 | Linux Auditing Demon | | . | 37 | Deceptive Bytes | | . | 38 | High Availability Proxy | | . | 39 | File Classification | | . | 40 | Apache | | . | 41 | Internet Information Services | | . | 42 | Nginx | | . | 43 | Sophos Central | | . | 44 | SentinelOne Endpoint Security | | . ", "url": "/Integrations/ThreatDetectionandResponse.html#utmstack-integrations", "relUrl": "/Integrations/ThreatDetectionandResponse.html#utmstack-integrations" diff --git a/_site/index.html b/_site/index.html index bd9b710..78e10a2 100644 --- a/_site/index.html +++ b/_site/index.html @@ -1 +1 @@ - Introduction | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      UTMStack: Elevate Your Cybersecurity with Open Source SIEM and XDR

      Welcome to the UTMStack documentation - your passport to the future of cybersecurity.

      Experience UTMStack in Action!

      UTMStack Interface

      Unleashing Power and Precision

      UTMStack is not just another security tool; it is a revolutionary system blending SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) technologies, transforming them into a powerhouse of real-time correlation and threat intelligence.

      Why UTMStack?

      • Real-Time Threat Intelligence: Armed with over 30 billion Indicators of Compromise (IoC), UTMStack identifies and mitigates threats in real-time.
      • AI-Powered Analysis: Experience the synergy of human expertise and artificial intelligence ensuring precise threat detection and response.
      • Holistic View: Seamless integration with the existing infrastructure for a comprehensive view of your security posture.
      • Compliance Management: Effortlessly meet GDPR, GLBA, HIPAA, SOC, and ISO standards.

      Watch How UTMStack Transforms Security Management

      Combat Advanced Persistent Threats (APTs)

      In the evolving digital landscape, APTs represent a sophisticated and stealthy menace. UTMStack is your fortress, a meticulous guardian that tirelessly works to identify and neutralize intricate threats employing real-time log data correlation, threat intelligence, and malware activity patterns from diverse sources.

      How UTMStack Stands Apart

      Your antivirus might be a formidable defense against malware, but when it comes to APTs, UTMStack takes cybersecurity to the next level.

      Adaptable and Intelligent

      • AI Integration: Streamline alert investigations and classification, reducing analyst workload and enhancing accuracy.
      • Real-Time Action: Swift detection and responsive actions against threats ensuring your organization’s digital safety.

      Discover the Intelligence of UTMStack

      Compliance and Security Hand in Hand

      Navigating the intricate web of regulatory requirements is effortless with UTMStack. From HIPAA to GDPR, achieve and demonstrate compliance with intuitive dashboards and detailed reports. Every log, every alert, every action is recorded, analyzed, and stored to simplify audits and ensure accountability.

      Security at Its Core

      • Isolation and Protection: Every instance shielded, every data encrypted, every access controlled.
      • Global Standards: Adherence to international security and compliance norms ensuring global applicability.

      Join the Future of Cybersecurity with UTMStack

      Don’t just stay ahead of threats; anticipate, analyze, and annihilate them with UTMStack. Every feature, every module is meticulously crafted, empowering you to transform data into actionable insights, vulnerabilities into fortifications, and threats into opportunities for strengthening security.

      Launch Your Own 24/7 Security Operations Center with UTMStack!

      “UTMStack - Where innovation meets invincibility, and security becomes an enabler of innovation!”

      + Introduction | Documentation Skip to main content Link Menu Expand (external link) Document Search Copy Copied

      UTMStack: Elevate Your Cybersecurity with Open Source SIEM and XDR

      Welcome to the UTMStack documentation - your passport to the future of cybersecurity.

      Experience UTMStack in Action!

      UTMStack Interface

      Unleashing Power and Precision

      UTMStack is not just another security tool; it is a revolutionary system blending SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) technologies, transforming them into a powerhouse of real-time correlation and threat intelligence.

      Why UTMStack?

      • Real-Time Threat Intelligence: Armed with over 30 billion Indicators of Compromise (IoC), UTMStack identifies and mitigates threats in real-time.
      • AI-Powered Analysis: Experience the synergy of human expertise and artificial intelligence ensuring precise threat detection and response.
      • Holistic View: Seamless integration with the existing infrastructure for a comprehensive view of your security posture.
      • Compliance Management: Effortlessly meet GDPR, GLBA, HIPAA, SOC, and ISO standards.

      Watch How UTMStack Transforms Security Management

      Combat Advanced Persistent Threats (APTs)

      In the evolving digital landscape, APTs represent a sophisticated and stealthy menace. UTMStack is your fortress, a meticulous guardian that tirelessly works to identify and neutralize intricate threats employing real-time log data correlation, threat intelligence, and malware activity patterns from diverse sources.

      How UTMStack Stands Apart

      Your antivirus might be a formidable defense against malware, but when it comes to APTs, UTMStack takes cybersecurity to the next level.

      Adaptable and Intelligent

      • AI Integration: Streamline alert investigations and classification, reducing analyst workload and enhancing accuracy.
      • Real-Time Action: Swift detection and responsive actions against threats ensuring your organization’s digital safety.

      Discover the Intelligence of UTMStack

      Compliance and Security Hand in Hand

      Navigating the intricate web of regulatory requirements is effortless with UTMStack. From HIPAA to GDPR, achieve and demonstrate compliance with intuitive dashboards and detailed reports. Every log, every alert, every action is recorded, analyzed, and stored to simplify audits and ensure accountability.

      Security at Its Core

      • Isolation and Protection: Every instance shielded, every data encrypted, every access controlled.
      • Global Standards: Adherence to international security and compliance norms ensuring global applicability.

      Join the Future of Cybersecurity with UTMStack

      Don’t just stay ahead of threats; anticipate, analyze, and annihilate them with UTMStack. Every feature, every module is meticulously crafted, empowering you to transform data into actionable insights, vulnerabilities into fortifications, and threats into opportunities for strengthening security.

      Launch Your Own 24/7 Security Operations Center with UTMStack!

      “UTMStack - Where innovation meets invincibility, and security becomes an enabler of innovation!”
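Review bot: In the @@ -1275 hunk the regenerated integrations table drops rows 45 through 56 (IBM AS400, UFW, Rsyslog, Netflow, Salesforce, Suricata, Wazuh, ESET NOD32, FortiWeb, IBM AIX, Check Point, pfSense) from the search index, so those integrations will no longer be found by the documentation search; confirm this is intended and that the Integrations markdown source was changed the same way, otherwise the index was built from a different source tree than the one committed. The index.html hunk shows identical text on both sides ("Introduction | Documentation" through "security becomes an enabler of innovation!"), so it is a whitespace-only change to generated output and can be dropped from the patch.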