View Summary Insights

The AIOps Summary page provides detailed information on all Active insights, including a categorized list of detected anomalies.

Procedure

Step 1

In the left pane, click Insights & Reports > Summary.

Step 2

View the total number of Active Insights.

Insights are classified by:

  • Severity: Insights are classified by their severity levels such as Critical, Warning, and Info.

  • Category: Insights are classified by their categories such as Configuration, Traffic & Capacity, Health & Operations.

Categories

Subcategories

Configuration

Access control policy anomaly detection

Traffic & Capacity

  • Elephant flow detection

  • RA VPN capacity assessment

Health & Operations

  • High data plane CPU usage

  • Snort high CPU usage

  • High data plane memory usage

  • Snort high memory usage

Step 3

Insights Trend displays a timeline showing the trend of insights over a specific duration of time. You can set the duration to 1, 6, 12, or 24 hours, and 2 or 7 days. The default view is set to 24 hours.

Step 4

In the All Insights section, details of each insight are displayed, such as:

  • Time: Time at which the insight was detected or updated.

  • Severity: Severity of the insight such as Critical, Warning, and Info.

  • Insight: Insight title and a short summary about the issue.

  • Category: Insight category such as Health & Operations, Traffic & Capacity, and Configuration.

  • Impacted Resources: Impacted resource for the insights, which can be a device, host, or policy. Currently, only threat defense devices and FMCs are supported.

  • Duration: Duration of the issue since it was first detected until it was resolved.

  • Status: Status of the insight such as Active and Resolved.

Step 5

You can filter insights by factors such as Time Range, Severity, Category, Impacted Resources, Duration, and Status.

Step 6

Click the gear icon to select which columns to display in the All Insights table.