File Integrity Monitoring Dashboard
The Visualize | Predefined | File Integrity Monitoring page lets you keep track of File Integrity Monitoring events detected by Stellar Cyber Windows Server Sensors.
The data in this display includes only data that matches the current filter settings. See the Filters page for more information.
Prerequisites for the File Integrity Monitoring Dashboard
The File Integrity Monitoring dashboard relies on data provided by Windows Server Sensors with the FIM feature enabled in their Sensor Profile.
-
Refer to Configuring File Integrity Monitoring (FIM Linux) for details on how to enable file integrity monitoring and specify which files/directories are monitored for file creation, deletion, and changes.
-
Refer to Best Practices for File Integrity Monitoring (FIM) for information on industry-standard best practices for File Integrity Monitoring, including the files/directories selected for monitoring by default.
By default, the predefined dashboards show All Open alerts. You can use the filters at the left of the dashboard to change which alerts are displayed.
Understanding the File Integrity Monitoring Dashboard
The File Integrity Monitoring dashboard helps you keep track of the different FIM events detected by Windows Server Sensors in your network.
The File Integrity Monitoring dashboard breaks out FIM events in the following charts and tables. Note that all charts and tables are based on the FIM events included by the current
-
Total Number of File Paths in Events – Displays the total number of unique file paths in the FIM events available according to the Toolbar Filters.
-
FIM Events - Action Trends – Graphs the quantity of FIM events by date.
-
TopN FIM Events - Actions – Charts the Top N FIM event actions (create, delete, change) in either donut or pie mode.
-
Top File Paths – Lists the top file paths with associated FIM events in a standard table format.
-
Top Systems – Lists the Windows Server Sensors with the most associated FIM events.