Service Value Review Summary

The Service Value Review Summary report provides summary snapshots of detection and response outcomes for the selected date range. Use this report to gain insights into service value and outcomes from the managed detection and response capabilities deployed in your environment.

To access the Service Value Review Summary report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Service.
  3. Under Service Value Review, click VIEW.
  4. Click Service Value Review Summary.

Filter the report

To refine your findings, you can filter your report by date range.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

Network Monitoring section

This section provides the total IDS network traffic volume and packets processed in your environment, the count of IDS network events detected, and the number of network security alerts sent during the selected date range.

Log Collection section

This section provides the total log volume and count of log messages collected and processed in your environment, and the number of log-based security alerts sent (based on log analytics and log review) during the selected date range.

Custom and Manual Alerts section

This section provides the count of custom security alerts sent (based on correlation rules) and the count of manual threat hunting alerts sent (based on manual detection sources) during the selected date range.

Incident Trends section

This section provides the count of IDS network events detected, the count of log-based security alerts sent, and the count of custom and manual threat hunting alerts sent during the selected date range.

Incident Threat Levels section

This section provides the count of incidents in each threat level for the selected date range.