Generate a Threat And Cloud Analytics Report

The Threat and Cloud Analytics Report is a Threat Indicator Snapshot that is generated by using the traffic collected and inspected by Multicloud Defense Gateway. This provides a more comprehensive report as Multicloud Defense is now in the datapath and compliments the discovery report.

Note that reports cannot be generated for the day of, since a qualitative summarization of events cannot be made until end of day, end of month, end of quarter, or end of year.

Note

You must have Web Application Firewall (WAF), intrusion detection and protection (IDS/IPS) rules enabled in your policy in order for the Multicloud Defense Gateway to collect and poll data. For more information, see the following links respecitvely:

Use the following procedure to generate a Threat And Cloud Analytics with the threat indicators snapshot:

Procedure

Step 1

In the Multicloud Defense Controller page, navigate to Reports > Threat Indicators Snapshot.

Step 2

Under Threat & Cloud Analytics Report, select the Frequency from the drop-down list for the data that is pulled: daily, weekly, monthly, quarterly, or yearly.

  • Daily - From 12 AM for 24 hours. This is in UTC time.

  • Weekly - From Monday to Sunday.

  • Monthly - Generally from the beginning to the end of the month.

  • Quarterly - From the beginning to end of a quart. Quarters are generally defined as from January 1 - March 31, April 1 - June 30, July 1 - September 30, and October 1 - December 31.

  • Yearly - From January 1 to December 31 of the year selected.

Step 3

Select a date. Use the drop-down Calendar to select the time range or specific days that you want to collect data on. Days that are grayed out have no data to compile. If you have no data available to generate a report, confirm your policies contain WAF and IDS/IPS rules.

Step 4

Click Generate Report.

Step 5

The report is generated. To save the report locally, click Print Report. Navigate to a location on your local server and save the report.