The Carbon Black Cloud dashboard provides a high-level overview of your environment health and enables you to quickly navigate to items of interest. You can customize the dashboard tiles and display data for specific time periods and policies.

Widget Definitions List

You can use the predefined widgets in the Carbon Black Cloud console to view the health of all objects, applications, and processes in your environment.

You can add and remove widgets from your dashboard, resize them, and export the displayed data.

Widget Name Description
Getting Started An interactive widget to help you complete the basic onboarding tasks.
Top Alerted Assets A list of the assets that have received the most alerts within the specified time frame.
Alerts A graphical representation of alerts within the specified time frame. Click the chart to access the Alerts page and view more details about the associated alerts.

The chart is available only when you select 3 hour, 1 day, or one week time frame. For all other time frames, including the custom, only the alert number is visible.
Critical Vulnerabilities on VMs The count of all VM workload vulnerabilities across operating systems (OS) and applications (apps). Click any OS or app to go to the Vulnerabilities > Product Vulnerabilities tab and view the filtered vulnerabilities data.
VMs with Critical Vulnerabilities The count of critical vulnerabilities across all VM workload assets. Click the asset type to go to the Vulnerabilities > Assets tab and view the filtered vulnerabilities data for that asset.
Prevented Malware A summary of malware within the specified time frame. Click any malware type to open the filtered Alerts page.
  • Suspect Malware: Processes that could be a vessel for malware but do not have a reputation for malicious behavior. This includes MSBuild, InstallUtil, MSHTA.exe, and others.
  • Known Malware: Files identified as having no purpose other than performing malicious actions on the asset for the benefit of an attacker.
  • Non-Malware: Processes that were stopped due to your local banned list or malicious behavior, including dual-use files and tools. This includes the case where the reputation is executable (for example, a PowerShell or Winword.exe file), but it is behaving badly.
  • PUPs: The Potentially Unwanted Programs produce annoying results (delivering popup ads), but are sometimes used to deliver malware.
Endpoint Status The status of sensors on the endpoints. Click any status to go to the Endpoints page and view the deployed sensors that are in the selected state. Red text indicates that a sensor may require some action.
  • Active: Sensor checked in within the last 30 days.
  • Inactive: Sensor has not checked in within the last 30 days.
  • Quarantined: Sensor is isolated from affecting your network with malware or other suspicious activity.
  • Bypass: Sensor is not sending data to the cloud or is placed here temporarily during an update.
Top Alerted Applications A list of applications that receive the most alerts within the specified time frame.
VM Workloads Overview The state of sensors on the VM workloads. Click any status to go to the VM Workloads page and view the deployed sensors that are in the selected state.
  • Enabled: Sensor is enabled on the workload.
  • Not enabled: Sensor is not enabled on the workloads.
  • VMware Tools update required: You must upgrade the VMware Tools to the supported version.
  • Not supported: Workload does not support the OS or the OS version.
Threat Reports Allows you to search and view your recent threat reports.
  • Click Search for threat. It navigates you to the Investigate page. Here you can view the threat query and events in your environment.
  • Click Full report. It navigates you to the Threat Analysis Unit - Threat Intelligence Notification report by the Carbon Black's TAU team. It helps you to detect and prevent emerging threats.

Export Data

With the Carbon Black Cloud reporting functions, you can generate a report to capture details related to current or predicted resource needs. You can download the report in a PDF or CSV file format for future and offline needs.

You download a full report from the Dashboard page, or a partial report from a single widget.

Procedure

  1. Navigate to the upper right corner of the Dashboard page.
  2. Click the Export (The export icon displayed as a downward arrow) icon and select CSV or PDF Report.
    • The CSV file is available for download under the Notifications drop-down menu.
    • The PDF file downloads to your device.
  3. Optionally, click the Export (The export icon displayed as a downward arrow) icon in a widget of your choice to export any individual data set.
    The CSV file downloads to your device.