Skip to content
  • There are no suggestions because the search field is empty.

New Health and Wellness Dashboards

New Health and Wellness DashboardsNew Health and Wellness Dashboards

This topic provides the list of default New Health and Wellness dashboards and associated visualizations and metrics.

Deployment Health Overview Dashboard

This dashboard provides the overall health of the NetWitness Platform hosts and services. The following table provides the information on default visualizations available on this dashboard.

Note: The parameters and metrics listed below are the default values. You can customize the parameters and metrics of any visualization based on your requirement. For example, you can customize a visualization to view the CPU utilization for all the core services or any particular service.

  • Visualization: Alarms Summary
  • Parameters and Metrics:

    • Count of active alert

    • Alert severity

  • Objective:

    Provides the summary of active health alarms based on the severity.

  • Description: Displays the active alarms grouped by severity (Critical, High, Medium, Low).

  • Visualization: Offline Services
  • Parameters and Metrics:

    • Service name

    • Status Time

    • Refresh time 15 minutes

  • Objective: Identifies the list of unavailable services.
  • Description: Displays the list of offline services.

  • Visualization: Stopped Archiver Aggregation
  • Parameters and Metrics:

    • Count of archivers where aggregation is stopped

    • Refresh time 15 minutes

  • Objective:

    Identifies the number of Archivers where aggregation is stopped.

  • Description: Displays the number of Archivers where aggregation is stopped. For more information, see Notifications.

  • Visualization: Stopped Broker Aggregation
  • Parameters and Metrics:

    • Count of Brokers where aggregation is stopped

    • Refresh time 15 minutes

  • Objective: Identifies the number of Brokers where aggregation is stopped.
  • Description: Displays the number of Brokers where aggregation is stopped. For more information, see Notifications.

  • Visualization: Stopped Concentrator Aggregation
  • Parameters and Metrics:

    • Count of Concentrators where aggregation is stopped

    • Refresh time 15 minutes

  • Objective:

    Identifies the number of Concentrators where aggregation is stopped.

  • Description: Displays the number of Concentrators where aggregation is stopped. For more information, see Notifications.

  • Visualization: Stopped Decoder/Log Decoder Capture
  • Parameters and Metrics:

    • Count of Decoders or Log Decoders where capture is stopped

    • Refresh time 15 minutes

  • Objective: Identifies the number of Decoders or Log Decoders where capture is stopped.
  • Description: Displays the number of Decoder or Log Decoder where capture is stopped. For more information, see Notifications.

  • Visualization: Total vs Offline Services
  • Parameters and Metrics:

    • Total number of services

    • Count of offline services

    • Refresh time 15 minutes

  • Objective:

    Identifies the number of offline services versus total number of services.

  • Description: Displays the total number of services and the number of services that are offline.

  • Visualization: Stopped State Aggregation & Capture
  • Parameters and Metrics:

    • Services name

    • Host name

    • Service version

  • Objective: Provides the list of services where aggregation and capture are stopped.
  • Description: Displays the list of services where aggregation and capture are stopped.

  • Visualization:

    NetWitness Services Version Status

  • Parameters and Metrics:

    • Service version

  • Objective:

    Provides the status of NetWitness Platform service versions.

  • Description:

    Displays the status of NetWitness Platform service versions.


  • Visualization: NetWitness Services – Uptime Summary
  • Parameters and Metrics:

    • Service name

    • Host name

    • Running since

  • Objective: Provides an overview on the uptime of the services in the deployment.
  • Description: Displays the list of services and their uptime.

  • Visualization:

    Memory Utilization Trend

  • Parameters and Metrics:

    • Service name

    • Memory usage

  • Objective:

    Provides the memory utilization trend to detect any high utilizations and take necessary action.

  • Description:

    Displays the memory utilization trend of the hosts.


  • Visualization: Current CPU Usage
  • Parameters and Metrics:

    • Services name

    • CPU usage

  • Objective: Provides the CPU usage trend of the hosts to identify any high utilizations and take necessary action.
  • Description: Displays the current CPU usage of the services.

  • Visualization:

    Current Disk Usage

  • Parameters and Metrics:

    • Services name

    • Disk usage

  • Objective:

    Provides the disk utilization in the real time to identify any high utilizations and take necessary action.

  • Description:

    Displays the current disk usage of the hosts.


  • Visualization: Capture Rate for Log Decoders
  • Parameters and Metrics:

    • Service name

    • Capture rate

  • Objective: Provides the capture rate trend to identify any high values and take necessary action.
  • Description: Displays the trend of Log Decoders capture rate.

  • Visualization:

    Capture Rate for Network Decoders

  • Parameters and Metrics:

    • Service name

    • Capture rate

  • Objective:

    Provides the capture rate trend to identify any high values and take necessary action.

  • Description:

    Displays the trend of Network Decoders capture rate.


  • Visualization: Session Aggregation Rate and Trend for Concentrators
  • Parameters and Metrics:

    • Service name

    • Session aggregation rate

  • Objective: Provides an overview on the session rate of the Concentrators to identify any high values and take necessary action.
  • Description: Displays the session aggregation rate and trend of Concentrator.

  • Visualization:

    Retention Summary

  • Parameters and Metrics:

    • Service id

    • Service name

    • Running on host

    • Oldest meta file time

    • Oldest packet file time

    • Oldest session file time

  • Objective:

    Provides a quick view on the current retention of the Decoders, Concentrators and Archivers to check if the retention is lower than the configured retention.

  • Description:

    Displays the oldest date for meta, session, packet present in decoders, logdecoders and concentrators


  • Visualization: Total CPU Usage Trend for Services
  • Parameters and Metrics:

    • CPU usage

    • Service name

  • Objective: Provides the CPU usage trend of the services to detect the high utilization and take necessary action.
  • Description: Displays the top 20 services where CPU usage is high.

  • Visualization:

    Total Memory Usage Summary for Services

  • Parameters and Metrics:

    • Service name

    • Memory usage

  • Objective:

    Provides the memory usage summary of NetWitness Platform services to detect any high usage and take necessary actions.

  • Description:

    Displays the top services that are utilizing the resident memories.


Hosts Dashboard

This dashboard provides the resource utilization and health of NetWitness hosts in your deployment. The following table provides information on default Visualizations available on this dashboard.

  • Visualization: Disk Used
  • Metrics:

    • Disk usage

  • Objective:

    Provides the current disk usage of the hosts to detect the high utilization and take immediate action.

  • Description: Displays the current disk usage of the host.

  • Visualization: Current Memory Usage vs Total Available
  • Metrics:

    • Current memory usage

    • Total available memory

  • Objective: Provides the current memory usage versus total available memory to identify high usage and take necessary action.
  • Description: Displays the current memory usage and total available memory of the host.

  • Visualization: Current Disk Usage vs Total Available Disk
  • Metrics:

    • Current disk usage

    • Total available disk

  • Objective:

    Provides the current disk usage versus total available disk to identify high usage and take necessary action.

  • Description: Displays the current disk usage versus total available disk.

  • Visualization: Disk Usage by Partitions
  • Metrics:

    • Disk partition

    • Disk usage

  • Objective: Provides the disk usage by different partitions to identify high usage and take necessary action.
  • Description: List of partitions and associated disk percentage.

  • Visualization: Resident Memory Usage by Services
  • Metrics:

    • Service name

    • Resident memory usage

  • Objective:

    Provides the resident memory usage per service to identify high usage and take necessary action.

  • Description: Displays the resident memory usage of the service.

  • Visualization: Memory Usage
  • Metrics: Memory usage
  • Objective: Provides the current memory usage percentage of the hosts to identify high memory usage and take necessary action.
  • Description: Displays the memory usage of the host.

  • Visualization: CPU Usage
  • Metrics:

    CPU usage

  • Objective:

    Provides the CPU usage percentage to identify high usage and take necessary action.

  • Description: Displays the CPU usage of the host.

  • Visualization: CPU Usage by Services
  • Metrics:

    • Service name

    • CPU usage

  • Objective: Provides the CPU Percentage per service to detect high usage and take necessary action.
  • Description: Displays the CPU usage of the service.

  • Visualization:

    Interfaces by Incoming Traffic

  • Metrics:

    Incoming traffic on interfaces

  • Objective:

    Provides the trend on interfaces incoming traffic to detect any deviation on time.

  • Description:

    Display the incoming traffic interfaces.


  • Visualization: Interfaces by Outgoing Traffic
  • Metrics: Outgoing traffic on interfaces
  • Objective: Provides the trend on interfaces outgoing traffic to detect any deviation on time.
  • Description: Display the interfaces outgoing traffic.

  • Visualization:

    Services by Open File Descriptors

  • Metrics:

    • Services

    • Open file descriptor

  • Objective:

    Provides the list of open file descriptor associate with a service.

  • Description:

    Displays the list of open file descriptor associated with a service.


  • Visualization: TOP APPLIANCES BY DISK IO READ (Line) Vs WRITE (Bar)
  • Metrics:

    • Service name

    • Disk IO Read

    • Disk IO Write

  • Objective: Provides the list of top appliances by disk IO read and write to detect any high usage and take necessary action.
  • Description: Displays top appliances based on disk IO read and write usage.

  • Visualization:

    Total Inbound Traffic for All Interfaces

  • Metrics:

    • Count of inbound traffic on Interfaces

    • Total transferred traffic

  • Objective:

    Provides the total inbound traffic to detect any deviation on time.

  • Description:

    Displays the current inbound traffic and total transferred traffic.


  • Visualization: Total Outbound Traffic for All Interfaces
  • Metrics:

    • Count of outbound traffic on Interfaces

    • Total transferred traffic

  • Objective: Provides the total outbound traffic to detect any deviation on time.
  • Description: Display the current outbound traffic and total transferred traffic.

Logs Dashboard

This dashboard provides information on various NetWitness Platform logs. The following table provides information on default Visualizations available on this dashboard.

  • Visualization: Log Decoders by Capture Rate
  • Metrics:

    • Service name

    • Capture Rate

  • Objective: Provides the capture rate of Log Decoders to detect high capture rate on time and take necessary action.
  • Description: Displays the Log Decoders by capture rate.

  • Visualization: Log Decoders by Capture Packet Rate
  • Metrics:

    • Service name

    • Capture Packet Rate

  • Objective: Provides the capture packet rate of Log Decoder to detect high capture packet rate on time and take necessary action.
  • Description: Displays the Log Decoders by capture packet rate.

  • Visualization: Log Decoders by CPU Percentage
  • Metrics:

    • Service name

    • CPU usage

  • Objective: Identifies the Log Decoders by CPU usage to detect high usage and take necessary action.
  • Description: Display the Log Decoders by CPU usage..

  • Visualization: Log Decoders by Resident Memory Usage
  • Metrics:

    • Service name

    • Resident Memory Usage

  • Objective: Identifies the Log Decoders by resident memory usage to detect high usage and take necessary action.
  • Description: Display Log decoder by resident memory usage.

  • Visualization: SDK Active Queries on Concentrators
  • Metrics:

    • Service name

    • Count of active queries

  • Objective: Identifies the concentrators by SDK active queries.
  • Description: Display concentrators by SDK active queries.

  • Visualization: Concentrators Status
  • Metrics:

    • Service running on host

    • Service type

    • Service version

    • Aggregation status

    • Average session rate

    • Max session rate

    • Active queries

  • Objective: Provides the concentrator status.
  • Description: Display the list of concentrators and its status.

  • Visualization: Concentrator Session Aggregation Rate [Trend]
  • Metrics:

    • Service name

    • Session rate

  • Objective: Provides the trend of Concentrator session aggregation rates to detect high session rates and take necessary action.
  • Description: Displays Concentrator session aggregation rate.

  • Visualization: SDK Active Queries on Brokers
  • Metrics:

    • Service name

    • Count of Active Queries

  • Objective: Identifies the Brokers by SDK active queries.
  • Description: Lists Brokers by SDK active queries.

  • Visualization: Brokers Status
  • Metrics:

    • Service running on host

    • Service type

    • Service version

    • Aggregation status

    • Average session rate

    • Max session rate

    • Active queries

  • Objective: Provides the Broker status.
  • Description: Displays the list of Brokers and their status.

Packet Overview Dashboard

This dashboard provides information on NetWitness Platform network data. The following table provides information on default Visualizations available on this dashboard.

  • Visualization: Network Decoders by Capture Rate
  • Metrics:

    • Service name

    • Capture rate

  • Objective: Identifies the capture rate of Network Decoder to detect high value and take necessary action.
  • Description: Displays Network Decoders by capture rate.

  • Visualization: Network Decoders by Capture Drop
  • Metrics:

    • Service name

    • Capture drop percentage

  • Objective: Identifies the capture drop rate of Network Decoders to detect drop rate and take necessary action.
  • Description: Displays Network Decoders by capture drop.

  • Visualization: Network Decoders by CPU Percentage
  • Metrics:

    • Service name

    • CPU usage

  • Objective: Identifies the Network Decoders by CPU usage to detect high usage and take necessary action.
  • Description:
  • Column 5: Displays the list of all services and its status.

  • Visualization: Logstash Services by CPU Usage
  • Metrics: ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, Packet Decoder, Endpoint, UEBA, and Malware services and at aggregated levels under throughput license. It provides an overview of the usage of all types of Throughput licenses in your deployment.,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, see New Health and Wellness,,,,,,, ,,,,,,, see Advanced Configurations,,,,,,, ,,,,,,, change the time zone setting under Stack Management > Advanced Settings. If you update the time zone under Advanced settings, it affects other DateTime displays throughout the user interface.,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, detect high value, and take necessary action.,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, detect high value, and take necessary action.
  • Objective: Displays an aggregated packet of data from all the packet services daily.

  • Visualization: ,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, detect high value, and take necessary action.,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, detect high value, and take necessary action.
  • Metrics: Displays an aggregated file usage in bytes from all the Malware services daily.

  • Visualization: ,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, detect high value, and take necessary action.,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, detect high value, and take necessary action.
  • Metrics: Displays an aggregated users from all the UEBA servers daily.

,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,, ,,,,,,,