Overview

UTMStack provides powerful dashboard capabilities for visualizing security data, monitoring threats in real-time, and tracking key security metrics. Dashboards are accessible at /dashboard and offer customizable views for SOC analysts and security teams.

  • Pre-built Dashboards - Access ready-to-use security dashboards for common monitoring scenarios
  • Custom Dashboards - Create tailored dashboards with the visualization builder at /creator
  • Real-time Updates - Monitor security events as they happen with live data refreshes
  • Dashboard Sharing - Share dashboards with team members and export visualizations

Dashboard Features

Available Dashboard Types

UTMStack offers several specialized dashboards for different security operations needs:
  • Security Overview - High-level view of your security posture
  • Threat Detection - Real-time threat alerts and indicators
  • Compliance Status - Compliance framework monitoring (accessible at /compliance)
  • Asset Visibility - Network asset discovery and monitoring (accessible at /data-sources)
  • Log Analytics - Log data analysis and patterns (accessible at /discover)
  • Incident Tracking - Active incident status and response metrics

Visualization Components

Dashboards support various visualization types:

  • Charts - Bar, line, pie, and area charts for metric visualization
  • Tables - Detailed data tables with sorting and filtering
  • Metrics - Single-value metrics and KPIs
  • Heatmaps - Time-based activity heatmaps
  • Maps - Geographic visualization of threats
  • Timelines - Event timelines and chronological views

Creating Custom Dashboards

  1. Access Dashboard Creator - Navigate to /creator to access the graphic builder interface
  2. Select Data Source - Choose your data source from available log sources and integrations at /integrations
  3. Choose Visualization Type - Select the appropriate visualization component for your data
  4. Configure Query - Build your search query using the query builder or custom syntax
  5. Customize Appearance - Set colors, labels, axes, and other visual properties
  6. Save and Add to Dashboard - Save your visualization and add it to an existing or new dashboard

Dashboard Management Workflow

For SOC Analysts

  1. Select Monitoring Dashboard - Navigate to /dashboard and select the appropriate operational dashboard
  2. Set Time Range - Configure the time range for your monitoring period (last hour, 24 hours, custom)
  3. Monitor Metrics - Watch key security metrics and alerts for anomalies
  4. Drill Down on Alerts - Click on visualizations to drill down into detailed log data at /discover
  5. Investigate Events - Use filters and search to investigate suspicious events
  6. Create Incident - If threats are confirmed, create an incident at /incident for tracking

Dashboard Customization

Layout Configuration

  • Grid System - Drag and drop widgets into responsive grid layouts
  • Widget Sizing - Resize visualizations to emphasize critical metrics
  • Panel Organization - Group related visualizations into collapsible panels
  • Full-screen Mode - Expand dashboards for NOC/SOC display monitors

Filtering and Interactions

  • Global Filters - Apply filters across all dashboard visualizations simultaneously
  • Time Controls - Unified time range selection for all dashboard widgets
  • Click-through Actions - Click on data points to drill down to raw logs
  • Auto-refresh - Configure automatic dashboard refresh intervals

Common Dashboard Use Cases

Threat Monitoring Dashboard

Monitor active threats and security alerts:
  • Alert volume trends over time
  • Top alert categories and severity distribution
  • Recently triggered alerts from /iframe (alert management)
  • Geographic distribution of threat sources
  • Asset risk scores from /data-sources

Compliance Dashboard

Track compliance status for regulatory frameworks:
  • Compliance score by framework (accessible at /compliance)
  • Failed compliance checks and remediation status
  • Audit log activity and policy violations
  • Asset compliance status
  • Control effectiveness metrics

Operations Dashboard

Monitor SOC operational metrics:
  • Mean time to detect (MTTD) and respond (MTTR)
  • Incident queue and response status from /incident
  • Alert triage metrics
  • Analyst workload distribution
  • SOAR automation execution from /soar

Dashboard Best Practices

Avoid overloading dashboards with too many visualizations. Focus on 6-8 key metrics per dashboard for optimal readability.

Design Guidelines

  1. Purpose-driven - Create dashboards for specific roles or use cases
  2. Prioritize Metrics - Place most critical visualizations in top-left position
  3. Consistent Layouts - Use similar layouts across related dashboards
  4. Color Coding - Use red for critical, yellow for warning, green for healthy
  5. Meaningful Names - Use descriptive dashboard and widget names

Performance Optimization

  • Limit time ranges for heavy queries
  • Use data sampling for large datasets
  • Schedule dashboard pre-computation for complex queries
  • Cache frequently accessed dashboard data

Exporting and Sharing

Export Options

  • PDF Reports - Export dashboard snapshots as PDF documents
  • PNG/JPEG - Export individual visualizations as images
  • CSV Data - Export underlying data for offline analysis
  • Dashboard JSON - Export dashboard configuration for backup or migration

Sharing Dashboards

  1. Configure Permissions - Set view or edit permissions for specific users or roles in /management
  2. Create Dashboard Link - Generate shareable links with optional time-limited access
  3. Schedule Reports - Configure automated dashboard reports via email
  4. Embed Dashboards - Embed dashboards in external applications using iframe integration

Graphic Builder

Create custom visualizations and dashboards

Log Discovery

Explore and analyze log data

Data Sources

Manage assets and data sources

Alert Management

View and manage security alerts