- Version: 2.0.0
- Certified: No
- Publisher: Fortinet
- Compatibility: 7.4.2 and later
- Applicable: Dashboards and Reports
- Release Notes
The FortiSOAR™ Overview Sankey widget helps visualize the flow between nodes in a directed acyclic network. A Sankey diagram is a flow diagram, a data visualization technique that emphasizes flow, movement, or change from one state to another. The width of the arrows is proportional to the flow rate of the depicted extensive property.
A Sankey chart widget can be a valuable visualization tool in FortiSOAR™ for illustrating the flow of data or processes between different stages. In FortiSOAR™, it can help represent the flow of security incidents, alerts, or data through various automated processes:
- Incident Workflow Visualization:
  - Use the Sankey chart to visually represent the workflow of security incidents as they progress through different stages of analysis, investigation, and resolution.
  - Nodes in the chart can represent different stages, such as "Incident Detection," "Investigation," "Enrichment," "Response," and "Resolution."
- Alert Triage and Escalation:
  - Visualize the triage and escalation process for security alerts within FortiSOAR™. Nodes can represent different alert severity levels, and the links can show how alerts are triaged, escalated, or de-escalated.
- Data Enrichment:
  - Show how data enrichment processes contribute to the overall analysis of security incidents. Nodes can represent different enrichment tools or processes, and links can indicate the flow of enriched data.
- Integration Points:
  - Display integration points with external systems, such as threat intelligence feeds, ticketing systems, or other security tools. Nodes can represent these external systems, and links can show data exchange or integration points.
- User Activity and Access:
  - Use the Sankey chart to visualize user activity and access patterns within the FortiSOAR™ environment. Nodes can represent users or roles, and links can show their interactions with different systems or processes.
- Custom Metrics and KPIs:
  - Customize the Sankey chart to display key performance indicators (KPIs) and metrics relevant to FortiSOAR™'s goals, such as incident resolution time, automation efficiency, or alert response times.
- Real-time Monitoring:
  - Integrate the Sankey chart into a real-time monitoring dashboard within FortiSOAR™ to provide analysts with a dynamic and up-to-date view of the security operations flow.