Service Reports

The REPORTS page in the Alert Logic console provides access to data related to exposures and incidents Alert Logic found within your deployments. You can also view data related to your product usage within your accounts. For information on all the available report groups, see Reports Guide.

The Service reports provide convenient access to data related to entitlements, capability usage, users and security content for your subscribed products and services. Alert Logic provides Service reports within the following categories:

  • Entitlement—Provide daily summaries, valuable insights, and trending data for entitlement and usage.
  • Capability Usage—Provide valuable summary and trending data on your actual use of deployed security product and service capabilities.
  • Health—Provide valuable summary and trending data on the health status of protected networks and assets collecting log or network data.
  • Users—Provide valuable insight into key customer contacts and user accounts provisioned in the Alert Logic console for your subscribed services.

To access the Service reports, in the Alert Logic console, click the menu icon, and then click Validate. Click Reports, and then click Service.

Each report allows you to share its data by email, or download the report as a CSV or PDF file. To learn how to download reports, see Report Download Option.

You can also schedule a report to run periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. From the Downloads tab on the Reports page, you can download and manage reports generated from your schedules. For more information, see Scheduled Reports and Notifications.

Filtering reports

You can filter your reports to refine your results and show only the information you need. Each report has a set of filters at the top, which you can select or clear. You can also add or remove some or all of the values in a filter.

Filter the report using drop-down menus

By default, Alert Logic includes (All) values for most filters in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Entitlement

You can run the following reports that provide information on your entitlement, and insights on your usage:

  • Entitlement Summary: Provides a daily summary of your entitlement and usage, including the count and percentage of nodes used, nodes remaining, and a list of protected node counts. To learn more about this report, see Entitlement Summary.
  • Entitlement Usage Trends: Provides a summary of your entitlement usage, including nodes used trends and entitlement change trends. To learn more about this report, see Entitlement Usage Trends.

Capability Usage

You can run the following reports that provide information on your actual use of deployed security product and service capabilities:

  • Monthly Service Review: Provides summary information and visibility into product configuration, product status, and security outcomes from your subscribed services.
  • Log Collection: Provides visibility into log collection volume and log messages processed in your environment, including log collection per day and a list of collectors with volume by GB, EPS or log messages. To learn more about this report, see Log Collection.
  • Top 10 Log Collectors: Provides visibility into the log collector volume with top ten collector lists measured by GB, EPS or log messages. To learn more about this report, see Top 10 Log Collectors.
  • IDS Traffic: Provides visibility into IDS traffic volume in your environment, including affected assets and IDS traffic per day listed by packets or megabytes. To learn more about this report, see IDS Traffic.
  • Top 10 IDS Assets: Provides lists of the top 10 assets in your environment, measured by packets and megabytes. To learn more about this report, see Top 10 IDS Assets.

Health

You can run the following reports that provide insights into the statuses of networks, agents, and appliances, and specific remediations to improve the level of protection in your environment:

  • Network Health Status Digest: Provides insight into the daily issues related to protected networks in your environment, including a comparison of health statuses, top ten lists, and total number of open remediations for each network. To learn more about this report, see Network Health Status Digest.
  • Collection Issues Digest: Provides insight into the daily issues related to log data collection and Network IDS traffic, including a comparison of health statuses, top five lists, and a list of open remediations to fix configuration issues. To learn more about this report, see Collection Issues Digest.
  • Missing Agent Digest: Provides insight into the daily issues related to hosts that are missing agents, including a comparison of missing agent statuses, top ten lists, and a list of hosts with missing agents. To learn more about this report, see Missing Agent Digest.
  • Daily Health Summary: Provides insight into the daily issues in your environment related to your protected network health status, data collection and network IDS traffic, and hosts missing agents. To learn more about this report, see Daily Health Summary.
  • SSL Certification Expiration Status: Provides insights into the statuses of SSL keys and certificates that are used on Alert Logic appliances to decrypt network traffic. To learn more about this report, see SSL Certification Expiration Status.

Users

You can run the following reports that provide information on key customer contacts and user accounts:

  • Current Users: Provides a visual overview of the users in your customer account by active or inactive status, user role, or multi-factor authentication settings. The report also provides a list of account details for each user. To learn more about this report, see Current Users.
  • Escalation Contacts: Provides a list of your escalation contacts. These are the primary and secondary contacts designated to receive notification from Alert Logic staff for high-priority security or service incidents.
  • Notification Contacts: Provides a list of your notification contacts. These are contacts set up to receive automated email notifications from the Notifications page.
  • Subscribed Notification Users: Provides a list of users subscribed to receive notifications for specified customer accounts from the Notifications page. To learn more about this report, see Subscribed Notification Users.
  • Incident Notification Contacts: Provides a list of your incident notification contacts. These are contacts set up to receive automated email notifications from the Incidents page.
  • User Login Trends: Provides a visual overview and a detailed list of the users who log in to the Alert Logic console, including how often and when. To learn more about this report, see User Login Trends.

Service Value Review

You can run the following reports that provide insights into service value and outcomes from the managed detection and response capabilities deployed in your environment:

  • Service Value Review Summary: Provides summary snapshots of detection and response outcomes. To learn more about this report, see Service Value Review Summary.