Incident Daily Digest

The Incident Daily Digest report provides the incidents detected on the previous day for the selected detection types. Use this report to evaluate daily incidents by threat level, MITRE classification, top attackers, and top targets.

For more information about incidents, see Incidents.

To access the Incident Daily Digest report:

  1. In the Alert Logic console, click the menu icon, and then click Validate.
  2. Click Reports, and then click Threats.
  3. Under Incident Analysis, click VIEW.
  4. Click Incident Daily Digest.

Filter the report

To refine your findings, filter your report by Date, Customer Account, Deployment Name, Detection Source, Status, and Escalation Status.

Filter the report using drop-down menus

By default, Alert Logic includes (All) values for most filters in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Filter the report using visuals

To refine your findings, click an item within a visual. To filter by multiple items, hold down Ctrl or Command, and then click each item in a visual that you want to use to apply a filter. You can filter using visuals and items selected in different sections. Click on an item again to remove a filter.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

Total Incidents Created section

This section provides the total count of incidents for the selected day.

Previous Day Change section

This section provides the count and percentage change between the selected day and the previous day.

Last 30 Days Incident Trend for Selected Date section

This section provides a stacked bar graph of the incident and threat count trend over the last 30 days from the selected day.

Threat Level section

This section provides the count and percentages of incidents in each threat level for the selected day.

MITRE Tactic section

This section provides the count and percentage of incidents for each MITRE Tactic in a color-coded bar graph for the selected day.

MITRE Technique section

This section provides the count and percentage of incidents for each MITRE Technique in a color-coded bar graph for the selected day.

Top Attackers by Incident Count section

This section lists the top attackers, the country of origin, percentage, and the incident count with a bar graph representing the incident count for the selected day.

Top Targets by Incident Count section

This section lists the top IP address targets, percentage, and the country of origin for each targeted asset with a bar graph representing the incident count for the selected day.

List of Incidents section

This section provides a complete list of incidents for the selected day with detailed information about Customer Account, Create Time, Detection Source, Incident ID, Summary, Threat Level, and MITRE classification.