.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
User or Network Entity Profile View
The User Network Entity Profile view provides detailed information about all alerts and related indicators of a user or network entity.
Workflow
What do you want to do?
*You can complete the tasks here.
Related Topics
- Begin an Investigation of High-Risk User Or Network Entity
- Investigate Top Alerts
- Filter Alerts
- Investigate Events
- Export a list of High-Risk User or Network Entity
- View Modeled Behaviors
Quick Look
The following figure shows the User Modeled Behaviors view.
The Users Profile consist of the following panels:
User or Network Entity Risk Score Panel
The User or Network Entity Risk Score panel contains the following information:
Alert Flow Panel
The Alert Flow panel displays the following information:
Indicator Panel
Click on a graph icon in the Alert Flow panel to open the Indicator panel. The following table describes the indicator panel elements:
In the Indicator panel the events table list events specific to the data sources.
- Common events for User Entity
The following tables list events specific to all the data sources.
- Windows File Servers
The following tables list events specific to Windows file servers.
- Active Directory
The following tables list event specific to Active Directory.
- Logon Activity
The following tables list events specific to Logon Activity.
- Process
The following tables list events specific to Process.
- Registry
The following tables list events specific to Registry.
Network Entities
The following tables list events specific to SSL Subject.
Modeled Behaviors Panel
The Modeled Behaviors panel displays the following information: