You can visualize, consolidate, and communicate multiple data points through a single widget using multi-grouped table widget.
Note: The multi-source table widget type is available only for Vulnerability Management app.
You could build your search query for a vulnerability and then group the search result using multiple pre-defined parameters. Let us see the quick steps to build a grouped table.
1. On the dashboard, click the Add Widget button. The widget builder is displayed.
2. Select Vulnerability Management application from the left pane and click Create Widget.
3. Choose the Table Widget Type.
4: Provide a name for the widget.
5: Choose Widget Representation as Multi-Grouped.
6. Choose the type of data representation you want in the table.
- Expanded: The values of data points selected through Group By 2 and Group By 3 fields are added as separate columns in the table. For example, if you choose table to be grouped by Type Detected, Severity (Group 2), and Status (Group 3). The values for Type Detected (Confirmed, Potential) are listed as rows in the table, while the values for Severity (Severity 1, Severity 2, and so on) and Status (Re-opened, Active, Fixed) are listed as separate columns in the table. Example
Note: If you choose Status as one of the Group By fields, the Exclude Vulnerabilities filter is not applicable to the Fixed status column in the table. Similarly, if you choose Type Detected as one of the Group By fields, the Exclude Vulnerabilities filter is not applicable to the Information type detected column.
- Collapsed: The data points selected through Group By fields are added as columns in the table. For example, if you choose to the table to grouped by Status, Severity (Group 2), and Type Detected (Group 3). The data points Severity and Type Detected are grouped as columns in the table. Example
7. Choose the Display result as: Vulnerabilities or Asset.
8. Enable Show description on widget check box to display widget description.
9. Choose the Vulnerability data source to be populated in the table.
10. Query 1: Type in your search query for the vulnerabilities data to be populated in the widget. For information on search queries, refer to Search Tutorial. Using the search action menu, you can view the frequently-used QQL queries, save, and manage them with ease. Looking for the different actions on the search queries, see Search Actions.
11. Group By: Select the categorization parameter for the data fetched by search query. Depending on the search result of Query 1, the parameters that can be grouped are pre-populated. Type the parameter name and select from the pre-populated list.
12. Display Limit: Select the limitations from TOP 10, TOP 25, TOP 50 for the data to be populated in the table.
13. Group By 2: Select another parameter for categorization of the data fetched by search query. Depending on the search result of Query 1 and parameter selected in Group By, the parameters in Group By 2 are pre-populated. Type the parameter name and select from the pre-populated list.
14: Group By 3: Similar to Group By 2, you could choose third parameter to categorize the data fetched by the search result. Type the parameter name and select from the pre-populated list.
15. Sort By (only for Vulnerabilities): Choose Count to sort the data type.
16. Sort Order (only for Vulnerabilities): Choose if the data in the table should be sorted in Ascending or Descending order.
For example, you can view top 10 vulnerabilities of severity 3 with its multiple parameters such as the assets it impacts, the status of vulnerability, the date when it was last detected, the associated QID and so on.