- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
05-28-2024 04:04 AM
Hi all,
We've started using Cortex XDR this year, and I currently see some limitations on the reporting and dashboard module. We're using tags to keep track of our endpoint, and we are looking to create reports based on tags.
Basic example, I want a vulnerability report based on endpoints with tags: <service A> and <service D>. Or an incident report with information on incidents related to <service B>.
We've recieved some help to create our own widgets manually, based on XQL with joined tables. How ever, doing this does not scale very well. Ideally, filtering reports, dashboard and widgets by tags is highly wanted. Any hope to get this feature further down the road?
And meanwhile, any good tips out there on how to scale this or any other approaches to recommend?
BR,
Torgeir
05-28-2024 09:33 PM
Hello @torgeirsk ,
Thank you for reaching out on Live community.
Reports contain statistical data in the form of widgets. Filtering of Time frame is possible for Reports and Dashboards.
Hence, filtering the tags in XQL query and saving it as a widget is the ideal and good approach to build Dashboard and Reports. As it gives us lot of flexibility.
If you have out of box suggestions, please feel free to reach out to Accounts Team or open a CS ticket. In case, if your requirements solves the problem, we can raise a FR on your behalf.
If you feel this has answered your query, please let us know by clicking on "mark this as a Solution".
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!