Documentation Center
AlienVault® USM Anywhere™

Viewing Assets Details

  Role Availability   Read-Only   Analyst   Manager

To view the details of an asset

  1. Navigate to ENVIRONMENT > ASSETS.
  2. Click the blue chevron icon () located next to the asset name whose details you want to review.
  3. Select Full Details.

Click the star symbol to the left of an item to mark it as a bookmark for quick access. Clicking the Star icon () on the secondary menu shows the bookmarked items and a link to them.

On the upper left side of the page, you see the name and IP address, along with other fields that describe the particular assetAn IP-addressable host, including but not limited to network devices, virtual servers, and physical servers..

On the right, you see the status summary for your asset. It displays the total number of alarmsAlarms provide notification of an event or sequence of events that require attention or investigation., eventsAny traffic or data exchange detected by AlienVault products through a Sensor, or through external devices such as a firewall., vulnerabilities, and configuration issuesAn identified configuration of software deployed, or features of software in use, which is known to be insecure.. The circle can display in orange (for alarms and configuration issues), blue for events, and red for vulnerabilities. The number inside each circle indicates the number of alarms, events, vulnerabilities, and configuration issues for the asset. You can click on each circle to explore the information of each one.

Note: Configuration Issues are only available for AWSSuite of cloud computing services from Amazon that make up an on-demand computing platform. Sensors.

Below the status summary, you can see

At the bottom, there is a table area with tabs, some of them correspond to the circles. Each tab contains a table with records, if present, for your asset.

Asset Details view tab description
Tab Information Shown
Asset Groups Asset groupsAsset groups are administratively created objects that group similar assets for specific purposes. on which the asset is included
Software Software installed on the asset
Services Services available on the asset
Plugins PluginsPlugins specify how to collect and normalize raw information from devices to create events that can then be analyzed to determine threats and vulnerabilities. enabled for the asset
Alarms Alarms related to the asset. There is a bubble graph that provides a graphical representation of alarms by intent. Blue circles indicate the number of times that an alarm in an intent showed. A bigger circle indicates a higher number of alarms. You can mouse over each of the circles to get the actual number of different types of intent. In addition, if you click any of the blue circles, USM Anywhere displays only the alarms corresponding to that circle. You can change the displayed period of time by clicking the Created during filter.
Events Events related to the asset. Click on an event to see its details
Vulnerabilities Vulnerabilities related to the asset. You can filter the active or inactive vulnerabilities by clicking the specific radio button. Click on a vulnerabilityA known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. to see its details
Configuration Issues Information about operational processes. You can filter the active or inactive configuration issues by clicking the specific radio button. Click on a configuration issue to see its details
Scan History List of the asset scans already run. It includes a time-stamp of the scan, the scan type, the status, and the details of each scan
File Integrity This tab is available if the AlienVault Agent has been deployed in the asset. It displays stats about File Integrity Monitoring Events. You can configure a time slot on which the events were received. These slots can be last hour, 24 hours, 7 days, 30 days, or 90 days. See File Integrity Monitoring for further information.
Agent

This tab is available if the AlienVault Agent has been deployed in the asset. It displays information about the agent. You can see the status of the agent (connected or not) and the current version. You can configure a time slot on which the events were received. These slots can be last hour, 24 hours, 7 days, 30 days, or 90 days. You can also see the query history. See The AlienVault Agent for further information. Users whose role is Manager, can also change the configuration profile, see Assigning AlienVault Agent Configuration Profiles

On the upper right side of the page is the Actions button. Use this button to perform actionsIn USM Anywhere you can execute an action from alarms, events, and vulnerabilities to run a scan, get forensic information, or execute a response for a configured AlienApp. on the asset. These consist of