Inventory Dashboards

The pre-built Value-Oriented Dashboards include the following inventory dashboards:

• Asset Inventory. This dashboard displays information about assets including data sources, risk level, critical vulnerabilities, location, type, operating systems, ISPs, CVEs, and users.

• Asset Overview w/Users. This dashboard displays details about assets including asset types, servers, VMs, workstations, mobile devices, containers, microservices, and information about users for those assets.

• Assets. This dashboard lists all the assets in your Lucidum system and details about each asset.

• Change Tracking. This dashboard displays information about assets and users over time.

• Compute Asset Inventory. The Compute Asset Inventory dashboard displays details about compute assets and their operating systems.

• Coverage Gaps: CrowdStrike. This dashboard displays information about assets that are not running CrowdStrike, including a monthly burndown chart to track new CrowdStrike installations.

• Coverage Gaps: Rapid7. This dashboard displays information about assets that are not running Rapid7, including a monthly burndown chart to track new Rapid7 installations.

• Coverage Gaps: SentinelOne. This dashboard displays information about assets that are not running SentinelOne, including a monthly burndown chart to track new SentinelOne installations.

• Coverage Gaps: Tenable Agent. This dashboard displays information about assets that are not running Tenable, including a monthly burndown chart to track new Tenable installations.

• Lucidum System Summary. This dashboard displays security information assets, users, risk, and vulnerabilities.

• New Assets & Users (Prev. 7 Days). The New Assets & Users (Prev. 7 Days) dashboard displays information about the assets and users first seen in the last seven days.

• Patching Summary. The Patching Summary dashboard displays information about assets that require patching, including a table with details about each asset that requires patching.

• Users & Assets. This dashboard displays information about assets, asset types, and the associated users.

• VMware Summary. This dashboard provides details about all VMware assets, including datacenters, clusters, hosts, VMs, datastores, resource pools, switches, and port groups.

Required Connectors #

To find all the assets in your environment and the vulnerability and risk information about the assets in your environment, Lucidum recommends you configure Lucidum connectors for:

• The Endpoint Management solutions in your environment (for example, Jamf, Intune, Citrix Endpoint Management, Symantec Endpoint Management, Hexnode)

• The Endpoint Protection solutions in your environment (for example, Trellix Endpoint Security, Symantec Endpoint Protection, SentinelOne, Crowdstrike Falcon, Microsoft Defender for Endpoint )

• The Endpoint Detection and Response solutions in your environment (for example, SentinelOne, Falcon Crowdstrike, Trend Micro XDR, Check Point Harmony Endpoint, Cortex XDR)

• The cloud security solutions in your environment for cloud assets (for example, Netskope, Illumio Core, Orca, Tenable Vulnerability Management, Trend Micro Cloud One, Sophos Central)

• The anti-virus solutions or vulnerability management solutions in your environment (for example, Burp Suite, Cycognito, Greenbone, Kenna, MS Defender, Qualys, Rapid7, Tenable, Vulcan)

• The Mobile Device Management solutions in your environment (for example, Addigy, Citrix Endpoint, Jamf Pro, Kandji)

• The directory solutions in your environment (For example, Azure AD, Microsoft AD, Jump Cloud, PingOne, OpenLDAP,)

• The DHCP solutions in your environment (For example, Infoblox, Efficient IP, BlueCat)

• The VPN solutions in your environment (For example, Cisco AnyConnect, FortiClient, Palo Alto VPN, Citrix Gateway, Zscaler Private Access)

• The cloud solutions in your environment (for example, AWS, Azure, Google Cloud, Oracle Cloud)

Asset Inventory #

The Asset Inventory dashboard displays information about assets including data sources, risk level, critical vulnerabilities, location, type, operating systems, ISPs, CVEs, and users.

The Asset Inventory dashboard looks like this:

Base Query #

Most of the charts in this dashboard use a query like:

Risk Level exists

or

Asset Type exists

These queries search for all risk levels or all asset types for all assets in Lucidum.

If you want to edit this dashboard, you can supply a different field in the query. To view all fields for assets, in the Query Builder, scroll through the values for Field.

Charts #

• Asset Data Sources. This chart displays the data sources that contribute to the list of Lucidum Asset Names.

  • This chart uses the query Data Source exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Data Sources.

  • The Chart Type is “Pie”.

• Assets by Risk Level. This chart displays the number of assets at each Risk Level (low, medium, and high)

  • This chart uses the query Risk Level exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Risk Level.

  • The Chart Type is “Bar”.

• Assets w/Critical Vulns. This chart displays the assets that has a risk level of “high”.

  • This chart uses the query Risk Level match 3-high

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the columns are a count of Critical Vulns,

  • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each Lucidum Asset Name.

  • The Chart Type is “Table”.

• Asset Locations. This chart displays the location for all assets.

  • This chart uses the query Location exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Location.

  • The Chart Type is “Bar”.

• Asset Types. This chart displays the asset types for all assets.

  • This chart uses the query Asset Type exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Type.

  • The Chart Type is “Bar”.

• User Data Sources. This chart displays the data sources that contribute to the list of Lucidum User Names.

  • This chart uses the query Data Source exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays one of the Data Sources.

  • The Chart Type is “Pie”.

• Top-n Operation Systems. This chart displays the top 20 operating systems used by assets.

  • This chart uses the query OS and Version exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Lucidum OS Version.

  • The Chart Type is “Bar”.

• Top-n ISPs Used for Access. This chart displays the top 20 ISPs used by assets.

  • This chart uses the query ISP exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the ISP.

  • The Chart Type is “Bar”.

• Top-n CVEs Reported. This chart displays the top 20 CVEs present in assets.

  • This chart uses the query CVE List exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays entries from the CVE List.

  • The Chart Type is “Bar”.

Asset Overview w/Users #

The Asset Overview w/Users dashboard displays details about assets including asset types, servers, VMs, workstations, mobile devices, containers, microservices, and information about users for those assets.

The Asset Overview w/Users dashboard looks like this:

Base Query #

• Most of the asset charts in this dashboard use a query like:

Asset Type match Workstation

or

Asset Type match Mobile

These queries search for all assets of asset type “workstation” or all assets of asset type “mobile”.

If you want to edit these charts, you can supply a different field in the query. To view all fields for assets, in the Query Builder, scroll through the values for Field.

• Most of the user charts in this dashboard use a query like:

Department exists

or

Location exists

These queries search for all departments for all users or all locations for all users.

If you want to edit these charts, you can supply a different field in the query. To view all fields for user, in the Query Builder, scroll through the values for Field.

Charts #

• All Assets by Type. This chart displays the asset types for all assets.

  • This chart queries the asset database and uses the query Asset Type exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays an Asset Type.

  • The Chart Type is “Pie”.

• Servers & VMs. This chart displays a count of the sum of all severs and all VMs.

  • This chart queries the asset database and uses the query Asset Type match server OR Asset Type match VM AND Asset Type not match image. This query searches for server assets and VM assets but not VM image assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Workstations. This chart displays the count of all workstations.

  • This chart queries the asset database and uses the query Asset Type match Workstation. This query searches for workstation assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Mobile Devices. This chart displays the count of all mobile devices

  • This chart queries the asset database and uses the query Asset Type match Mobile. This query searches for mobile assets, like laptops, tablets, and phones.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Containers and Microservices. This chart displays a count of the sum of all containers and all microservices.

  • This chart queries the asset database and uses the query Asset Type match container OR Asset Type match Micro_Service. This query searches for container assets and microservice assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Data Sources Contributing Asset Records. This chart displays the data sources that contribute to the list of all assets.

  • This chart queries the asset database and uses the query Asset Type exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Encrypted (yes/no).

  • The Chart Type is “Pie”.

• Users by Department. This chart displays the top 20 departments for all users.

  • This chart queries the user database and uses the query Department exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays one of the Department.

  • The Chart Type is “Bar”.

• Users by Location. This chart displays the top locations for all users.

  • This chart queries the user database and uses the query Location exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Location.

  • The Chart Type is “Bar”.

• Users by Manager. This chart displays the top 20 managers for all users.

  • This chart queries the user database and uses the query Manager exists

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Manager.

  • The Chart Type is “Bar”.

Assets #

The Assets dashboard lists all the assets in your Lucidum system and details about each asset.

The Assets dashboard looks like this:

Base Query #

• This dashboard includes a single chart.

• The chart uses the query Lucidum Asset Name exists to find all assets in your Lucidum system.

Charts #

• This dashboard includes a single chart.

• From the data returned by the query, the Category fields specifies the columns in the table. In this case, Lucidum User Name, Data Sources, Person Full Name, Department, Location, First Time Seen, Last Time Seen.

• The Chart Type is “Table”.

In the Assets dashboard, you can view the following about each asset:

• Lucidum Best Hostname. Asset name derived by Lucidum Best Hostname SmartLabel.
• Lucidum OS Version. OS version as derived by Lucidum.
• Manufacturer. Manufacturer of the asset.
• Model. Model of the asset
• Location. Location for the asset.
• Last Time Seen. Date and time Lucidum most recently saw this asset.

For each column name, you can:

• Sort by ASC. Sort the results by this column, in ascending order.

• Sort by DESC. Sort the results by this column, in descending order.

• Pin to left. The column is pinned to the left border. When you scroll left to right to view all the columns, this column stays on the left border.

• Pin to right. The column is pinned to the right border. When you scroll left to right to view all the columns, this column stays on the right border.

• Filter. Allows you to filter the table by one or more columns in the results table.

• Hide Column. Removes the column from the page.

• Manage columns. You can include or not include one or more columns in the results table.

Change Tracking #

The Change Tracking dashboard displays information about assets and users over time.

The Change Tracking dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Asset Name exists

or

User Name Exists

These queries search for all assets or all users.

Charts #

• Asset Total. This chart displays the total count for all assets.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets Total Over Time. This chart displays the number of assets found on each day for the past three months.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists AND Record Generated within past 3 months

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

• Assets Data Sources. This chart displays all the data sources that contribute to asset records.

  • This chart queries the asset database and uses the query Data Sources exists. This query searches for all data sources for assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Data Sources.

  • The Chart Type is “Big Number”.

• Assets Data Sources Over Time. This chart displays the number of data sources that contribute to asset records each day for the last three months.

  • This chart queries the asset database and uses the query Data Sources exists AND Record Generated Time within past 3 months. This query searches for all data sources for assets.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Data Sources.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

• Users Total. This chart displays the total count for all users.

  • This chart queries the user database and uses the query Source User Name exists. This query searches for all users associated with a data source.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum User Name.

  • The Chart Type is “Big Number”.

• Users Total Over Time. This chart displays the number of assets on each day for the last 90 days.

  • This chart queries the user database and uses the query Source User Name exists. This query searches for all users associated with a data source.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

• User Data Sources. This chart displays all the data sources that contribute to user records.

  • This chart queries the user database and uses the query Data Sources exists. This query searches for all data sources for users.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Data Sourcese.

  • The Chart Type is “Big Number”.

• User Data Sources Over Time. This chart displays the number of data sources that contribute to user records each day for the last 90 days.

  • This chart queries the user database and uses the query Data Sources exists. This query searches for all data sources for users.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Data Sources.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

• Users by Data Source. This chart displays the data sources that contribute to user records.

  • This chart queries the user database and uses the query Data Sources exists. This query searches for all data sources for users.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Source User Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays one of the Data Sources.

  • The Chart Type is “Pie”.

• Assets by Data source. This chart displays the data sources that contribute to asset records.

  • This chart queries the asset database and uses the query Data Sources exists. This query searches for all data sources for assets.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays one of the Data Sources.

  • The Chart Type is “Pie”.

• Single Data Source Assets. This chart displays a count of all assets records that used data from only one data source.

  • This chart queries the asset database and uses the query Data Sources length eq 1. This query searches for all assets where there is only one data source in the list of data sources.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Single Data Source Users. This chart displays a count of all users records that used data from only one data source.

  • This chart queries the user database and uses the query Data Sources length eq 1. This query searches for all users where there is only one data source in the list of data sources.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum User Name.

  • The Chart Type is “Big Number”.

Compute Asset Inventory #

The Compute Asset Inventory dashboard displays details about compute assets and their operating systems.

The dashboard looks like this:

Base Query #

• Most of the asset charts in this dashboard use a query like:

Online Compute == TRUE AND Last Time Seen within page 1 month

• This query searches for all compute assets that are online and have been active within the last month.

• The field Online Compute is a SmartLabel that specifies Lucidum OS Category in Microsoft Windows, Linux, macOS, Unix, VMware AND IP Address exists AND Lucidum Status match Online. This query finds assets that are running a compute OS, are online, and have an IP address (to weed out containers).

Charts #

• Compute Assets: Total. This chart displays the total count for all compute assets.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• EOL Windows Servers. This chart displays the total count for all Windows servers running end-of-life operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match server AND Lucidum OS Version match NT,2016,2012,2008,2000,2003 AND Lucidum Status in Online,Pending AND Last Time Seen within past 1 month. The query finds all Windows Servers with EOL operating systems.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• EOL Windows Workstations. This chart displays the total count for all Windows workstations running end-of-life operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match windows 7,windows xp,windows nt,windows 8 OR OS and Version match 1507,1511,1607,1703,1709,1803,1809,1903,1909,2004,20H2,21H1 AND Lucidum OS Version not match server AND Lucidum Status in Online,Pending AND Last Time Seen within past 1 month. The query finds all Windows workstations with EOL operating systems.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• EOL MacOS Assets. This chart displays the total count for all Mac assets running end-of-life operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND OS and Version exists AND OS and Version match 10. AND Lucidum Status in Online,Pending AND Last Time Seen within past 1 month. The query finds all Mac assets with EOL operating systems.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• EOL Linux Asset. This chart displays the total count for all Linux asset running end-of-life operating systems.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Lucidum OS Version match Centos Linux 5 OR Lucidum OS Version match CentOS Linux 6 OR Lucidum OS Version match CentOS Linux 8 OR Lucidum OS Version match Red Hat Enterprise Linux 3 OR Lucidum OS Version match Red Hat Enterprise Linux 4 OR Lucidum OS Version match Red Hat Enterprise Linux 5 OR Lucidum OS Version match Red Hat Enterprise Linux 6 OR Lucidum OS Version match Debian Linux 1.0 OR Lucidum OS Version match Debian Linux 2.0 OR Lucidum OS Version match Debian Linux 3.0 OR Lucidum OS Version match Debian Linux 4.0 OR Lucidum OS Version match Debian Linux 5.0 OR Lucidum OS Version match Debian Linux 6.0 OR Lucidum OS Version match Debian Linux 7.0 OR Lucidum OS Version match Debian Linux 8.0 OR Lucidum OS Version match Debian Linux 9.0 OR Lucidum OS Version match Debian Linux 10.0 OR Lucidum OS Version match Ubuntu Linux 4. OR Lucidum OS Version match Ubuntu Linux 5. OR Lucidum OS Version match Ubuntu Linux 6. OR Lucidum OS Version match Ubuntu Linux 7. OR Lucidum OS Version match Ubuntu Linux 8. OR Lucidum OS Version match Ubuntu Linux 9. OR Lucidum OS Version match Ubuntu Linux 10. OR Lucidum OS Version match Ubuntu Linux 11. OR Lucidum OS Version match Ubuntu Linux 12. OR Lucidum OS Version match Ubuntu Linux 13. OR Lucidum OS Version match Ubuntu Linux 14. OR Lucidum OS Version match Ubuntu Linux 15. OR Lucidum OS Version match Ubuntu Linux 16. OR Lucidum OS Version match Ubuntu Linux 17. OR Lucidum OS Version match Ubuntu Linux 18. OR Lucidum OS Version match Ubuntu Linux 19. OR Lucidum OS Version match Ubuntu Linux 20.10 OR Lucidum OS Version match Ubuntu Linux 21.04 OR Lucidum OS Version match Ubuntu Linux 21.10 OR Lucidum OS Version match SuSE Linux 10 OR Lucidum OS Version match SuSE Linux 11 OR Lucidum OS Version match Oracle Linux 6. AND Lucidum Status in Online,Pending AND Last Time Seen within past 1 month. The query finds all Linux assets with EOL operating systems.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• Compute Assets by Platform. This chart displays compute assets by OS category.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name instances.

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Lucidum OS Category in each slice.

  • The Chart Type is “Pie”.

• Compute Assets by Platform. This chart displays compute assets by OS version.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name instances.

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Lucidum OS Version in each slice.

  • The Chart Type is “Pie”.

• Compute Assets by Location. This chart displays compute assets by location.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name instances.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays Location.

  • The Chart Type is “Bar”.

• Windows Servers. This chart displays the total count for all Windows servers.

  • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Lucidum OS Category match Microsoft Windows AND Lucidum OS Version match Server. This query finds all Windows servers that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• Windows Workstations. This chart displays the total count for all Windows workstations.

  • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Lucidum OS Category match Microsoft Windows AND Lucidum OS Version not match Server. This query finds all Windows workstations that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• iOS and Android Assets. This chart displays the total count for all iOS and Android assets.

  • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Lucidum OS Category match iOS OR Lucidum Os Category match Android. This query finds all iOS and Android assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• Compute Assets by Department. This chart displays compute assets by department.

  • This chart queries the asset database and uses the query Online Compute == TRUE AND Last Time Seen within past 1 month. This query finds all online compute assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name instances.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays Department.

  • The Chart Type is “Bar”.

• Linux Assets. This chart displays the total count for all Linux assets.

  • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Lucidum OS Category match Linux. This query finds all Linux assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• macOS Assets. This chart displays the total count for all MacOS assets.

  • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Lucidum OS Category match macOS. This query finds all MacOS assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

• Unix Assets. This chart displays the total count for all Unix assets.

  • This chart queries the asset database and uses the query Online Compute == True AND Last Time Seen within past 1 month AND Lucidum OS Category match Unix. This query finds all Unix assets that have been active in the last month.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name instances.

  • The Chart Type is “Big Number”.

Coverage Gaps: CrowdStrike #

The Coverage Gaps: CrowdStrike dashboard displays information about assets that are not running CrowdStrike, including a monthly burndown chart to track new CrowdStrike installations.

The dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

AND

Data Sources not match CrowdStrike Host

These queries search for all compute assets by operating system that are not running CrowdStrike

Charts #

• Compute Assets: Total. This chart displays the total count for all compute assets.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets in CrowdStrike. This chart displays the total count for all compute assets that have CrowdStrike installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• CrowdStrike Whitespace. This chart displays the total count for all compute assets that do not have CrowdStrike installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Whitespace by OS Category. This chart displays compute assets that do not have CrowdStrike installed, organized by OS category.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Category.

  • The Chart Type is “Bar”.

• Whitespace One-Month Burndown. This chart displays compute assets that do not have CrowdStrike installed, organized by most recent date seen. This bars should get shorter over time as staff installs CrowdStrike on compute assets that did not have CrowdStrike.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match CrowdStrike Host AND Last Time Seen within past 1 month

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Last Time Seen.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows Server). This chart displays Windows Server assets that do not have CrowdStrike installed, organized by Windows Server version.

  • This chart queries the asset database and uses the query Lucidum OS Version match Windows Server AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows workstation). This chart displays Windows workstation assets that do not have CrowdStrike installed, organized by Windows version.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (macOS). This chart displays MacOS assets that do not have CrowdStrike installed, organized by macOS version.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Linux). This chart displays Linux assets that do not have CrowdStrike installed, organized by Linux version.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Server Whitespace by Location (Windows Server). This chart displays Windows Server assets that do not have CrowdStrike installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Windows Server AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows Server assets that are not running CrowdStrike).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Workstation Whitespace by Location (Windows Workstation). This chart displays Windows workstation assets that do not have CrowdStrike installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows workstation assets that are not running CrowdStrike).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• macOS Whitespace by Location (macOS). This chart displays MacOS assets that do not have CrowdStrike installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (MacOS assets that are not running CrowdStrike).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Linux Whitespace by Location (Linux). This chart displays Linux assets that do not have CrowdStrike installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match CrowdStrike Host

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Linux assets that are not running CrowdStrike).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

Coverage Gaps: Rapid7 #

The Coverage Gaps: Rapid7 dashboard displays information about assets that are not running Rapid7, including a monthly burndown chart to track new Rapid7 installations.

The dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

AND

Data Sources not match Rapid7

These queries search for all compute assets by operating system that are not running CrowdStrike

Charts #

• Compute Assets: Total. This chart displays the total count for all compute assets.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets in Rapid7. This chart displays the total count for all compute assets that have Rapid7 installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources match Rapid7

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Rapid7 Whitespace. This chart displays the total count for all compute assets that do not have Rapid7 installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Whitespace by OS Category. This chart displays compute assets that do not have Rapid7 installed, organized by OS category.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Category.

  • The Chart Type is “Bar”.

• Whitespace One-Month Burndown. This chart displays compute assets that do not have Rapid7 installed, organized by most recent date seen. This bars should get shorter over time as staff installs Rapid7 on compute assets that did not have Rapid7.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match Rapid7 AND Last Time Seen within past 1 month

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Last Time Seen.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows Server). This chart displays Windows Server assets that do not have Rapid7 installed, organized by Windows Server version.

  • This chart queries the asset database and uses the query Lucidum OS Version match Windows Server AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows workstation). This chart displays Windows workstation assets that do not have Rapid7 installed, organized by Windows version.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (macOS). This chart displays MacOS assets that do not have Rapid7 installed, organized by macOS version.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Linux). This chart displays Linux assets that do not have Rapid7 installed, organized by Linux version.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Server Whitespace by Location (Windows Server). This chart displays Windows Server assets that do not have Rapid7 installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Windows Server AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows Server assets that are not running Rapid7).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Workstation Whitespace by Location (Windows Workstation). This chart displays Windows workstation assets that do not have Rapid7 installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows workstation assets that are not running Rapid7).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• macOS Whitespace by Location (macOS). This chart displays MacOS assets that do not have Rapid7 installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (MacOS assets that are not running Rapid7).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Linux Whitespace by Location (Linux). This chart displays Linux assets that do not have Rapid7 installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match Rapid7

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Linux assets that are not running Rapid7).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

Coverage Gaps: SentinelOne #

The Coverage Gaps: SentinelOne dashboard displays information about assets that are not running SentinelOne, including a monthly burndown chart to track new SentinelOne installations.

The dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

AND

Data Sources not match SentinelOne Agent

These queries search for all compute assets by operating system that are not running SentinelOne

Charts #

• Compute Assets: Total. This chart displays the total count for all compute assets.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets in SentinelOne. This chart displays the total count for all compute assets that have SentinelOne installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• SentinelOne Whitespace. This chart displays the total count for all compute assets that do not have SentinelOne installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Whitespace by OS Category. This chart displays compute assets that do not have SentinelOne installed, organized by OS category.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Category.

  • The Chart Type is “Bar”.

• Whitespace One-Month Burndown. This chart displays compute assets that do not have SentinelOne installed, organized by most recent date seen. This bars should get shorter over time as staff installs SentinelOne on compute assets that did not have SentinelOne.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match SentinelOne Agent AND Last Time Seen within past 1 month

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Last Time Seen.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows Server). This chart displays Windows Server assets that do not have SentinelOne installed, organized by Windows Server version.

  • This chart queries the asset database and uses the query Lucidum OS Version match Windows Server AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows workstation). This chart displays Windows workstation assets that do not have SentinelOne installed, organized by Windows version.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (macOS). This chart displays MacOS assets that do not have SentinelOne installed, organized by macOS version.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Linux). This chart displays Linux assets that do not have SentinelOne installed, organized by Linux version.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Server Whitespace by Location (Windows Server). This chart displays Windows Server assets that do not have SentinelOne installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Windows Server AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows Server assets that are not running SentinelOne).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Workstation Whitespace by Location (Windows Workstation). This chart displays Windows workstation assets that do not have SentinelOne installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows workstation assets that are not running SentinelOne).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• macOS Whitespace by Location (macOS). This chart displays MacOS assets that do not have SentinelOne installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (MacOS assets that are not running SentinelOne).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Linux Whitespace by Location (Linux). This chart displays Linux assets that do not have SentinelOne installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match SentinelOne Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Linux assets that are not running SentinelOne).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

Coverage Gaps: Tenable Agent #

The Coverage Gaps: Tenable Agent dashboard displays information about assets that are not running the Tenable Agent, including a monthly burndown chart to track new installations of the Tenable Agent.

The dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

AND

Data Sources not match Tenable Vulnerability Management Agent

These queries search for all compute assets by operating system that are not running the Tenable Agent

Charts #

• Compute Assets: Total. This chart displays the total count for all compute assets.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Assets in Tenable (Agent). This chart displays the total count for all compute assets that have the Tenable Agent installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Tenable Agent Whitespace. This chart displays the total count for all compute assets that do not have the Tenable Agent installed.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Whitespace by OS Category. This chart displays compute assets that do not have the Tenable Agent installed, organized by OS category.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Category.

  • The Chart Type is “Bar”.

• Whitespace One-Month Burndown. This chart displays compute assets that do not have the Tenable Agent installed, organized by most recent date seen. This bars should get shorter over time as staff installs the Tenable Agent on compute assets that did not have the Tenable Agent.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Liunx, Unix AND Data Sources not match Tenable Vulnerability Management Agent AND Last Time Seen within past 1 month

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Last Time Seen.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows Server). This chart displays Windows Server assets that do not have the Tenable Agent installed, organized by Windows Server version.

  • This chart queries the asset database and uses the query Lucidum OS Version match Windows Server AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Windows workstation). This chart displays Windows workstation assets that do not have the Tenable Agent installed, organized by Windows version.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (macOS). This chart displays MacOS assets that do not have the Tenable Agent installed, organized by macOS version.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Whitespace by OS Version (Linux). This chart displays Linux assets that do not have the Tenable Agent installed, organized by Linux version.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value to show in the x-axis. In this case, the chart displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in the y-axis. In this case, the chart displays a count of Lucidum OS Version.

  • The Chart Type is “Bar”.

• Server Whitespace by Location (Windows Server). This chart displays Windows Server assets that do not have the Tenable Agent installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Windows Server AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows Server assets that are not running the Tenable Agent).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Workstation Whitespace by Location (Windows Workstation). This chart displays Windows workstation assets that do not have the Tenable Agent installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Version not match Windows Server AND Lucidum Os Version match Windows AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Windows workstation assets that are not running the Tenable Agent).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• macOS Whitespace by Location (macOS). This chart displays MacOS assets that do not have the Tenable Agent installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match macOS AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (MacOS assets that are not running Tenable Agent).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

• Linux Whitespace by Location (Linux). This chart displays Linux assets that do not have the Tenable Agent installed, organized by geographic location.

  • This chart queries the asset database and uses the query Lucidum OS Category match Linux AND Data Sources not match Tenable Vulnerability Management Agent

  • From the data returned by the query, the Category field specifies the value of the entire pie. In this case, the chart displays a count of Lucidum Asset Name (Linux assets that are not running the Tenable Agent).

  • From the data returned by the query, the Series field specifies the value to show in each slice of pie. In this case, the chart displays Location in each slice.

  • The Chart Type is “Pie”.

Lucidum System Summary #

The Lucidum System Summary dashboard displays security information assets, users, risk, and vulnerabilities.

The Lucidum System Summary dashboard looks like this:

Base Query #

Most of the charts in this dashboard use a query like:

Data Source exists

or

Lucidum Asset Name exists

or

Lucidum User Name exists

or

CVE List exists

These queries search for all data sources or all assets or all users or all CVEs in Lucidum.

Some of the queries also look for specific asset types.

If you want to edit this dashboard, you can supply a different field in the query. To view all fields for assets, in the Query Builder, scroll through the values for Field. To view all fields for users, in the Query Builder, scroll through the values for Field.

Charts #

• Data Sources of Asset Records. This chart displays all the data sources from which Lucidum ingests data to build asset records. Mousing over a slice displays the percentage of assets from that data source.

  • This chart queries the asset database and uses the query Data Sources exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays one of the Data Sources.

  • The Chart Type is “Pie”.

• Data Sources of Identity Records. This chart displays all the data sources from which Lucidum ingests data to build user records. Mousing over a slice displays the percentage of users from that data source.

  • This chart queries the user database and uses the query Data Sources exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Data Sources.

  • The Chart Type is “Pie”

• Operating System Family. This chart displays the operating system category for all assets. Mousing over a slice displays the percentage of assets in that operating system category.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Category.

  • The Chart Type is “Pie”

• Operating System Version. This chart displays the operating system version for all assets. Mousing over a slice displays the percentage of assets in that operating system version.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Version.

  • The Chart Type is “Pie”

• Asset Growth: Prev. 3 Months. This chart displays the number of new assets added to Lucidum or updated in Lucidum each day for the past 3 months. Mousing over a bar displays the date and number of assets.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists AND Record Generated Time within past 3 months

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”

• Asset Types by Location. This chart displays the number of assets per location. Mousing over a bar displays the location and number of assets.

  • This chart queries the asset database and uses the query Location exists

  • From the data returned by the query, the Category field specifies the two two attributes are displayed in each bar. The first field specified in Categories appears as the main bar. The second field uses color-coding to show the contents of each bar.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Location.

  • The Chart Type is “Bar”

• Identity Growth: Prev. 3 Months. This chart displays the number of new user added to Lucidum or updated in Lucidum each day for the past 3 months. Mousing over a bar displays the date and number of users.

  • This chart queries the user database and uses the query Lucidum User Name exists AND Record Generated Time within past 3 months

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”

• Assets by Department. This chart displays the number of assets by location and also displays assets by OS Category. Mousing over a bar displays the location, number of assets, and OS Category.

  • This chart queries the asset database and uses the query Location Exists, meaning examine all assets that have a value for “Department”.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Department.

  • The Chart Type is of type “Bar”

• Top-n CVEs Reported. This chart displays the 20 CVEs with the highest occurrences in the environment and the number of assets where the CVE occurred. Mousing over a bar displays the number of assets and the CVE number.

  • This chart queries the asset database and uses the query CVE List exists. The query looks for all assets with a CVE list.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays one of the top 20 entries in the CVE List.

  • The Chart Type is “Bar”

• Critical CVE Density. This chart displays the number of critical CVEs in the environment per day for 90 days, using a color-code to display the range of critical CVEs. Mousing over a day in the calendar displays the number of Critical CVEs in the environment that day.

  • This chart queries the asset database and uses the query Record Generated Time within past 3 moths AND CVSS Severity match CRITICAL OR CVSS Severity match HIGH. The query looks at all assets found in the last three months with a severity of “critical” or “high” in the Common vulnerability scoring system (a mathematical/statistical scoring for vulnerabilities).

  • For heatmaps, the Category field specifies the value you want to display for each day in a calendar. In this case, the calendar displays entries from the “CVE List”

  • For heatmaps, the Series field specifies a date and time field that you use to build the calendar in the heatmap. In this case, the calendar displays the value from Record Generated Time.

  • The Chart Type is “Heatmap”

• Most Common Critical CVEs. This chart displays the most common critical CVEs (up to 100) in the environment and the number of assets with each critical CVE.

  • This chart queries the asset database and uses the query Critical CVE List exists. The query looks for all assets with a Critical CVE list.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the average count of Lucidum Asset Name

  • If the value in the Category field is numeric, the sigma field appears. You can specify whether you want to display Average Value, Count, Minimum Value, Maximum Value, or Sum of Values for the Category field. In this case, the sigma value is Count.

  • From the data returned by the query, the Series field specifies each row in the table. In this case, the table will have a row for each Critical CVE List.

  • The Chart Type is “Table”

• Most Common Risk Factors. This chart displays the ten most common risk factors in the environment and the number of assets with each risk factor.

  • This chart queries the asset database and uses the query Risk Factors exists. The query looks for all assets with a risk factor.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the average count of Lucidum Asset Name

  • If the value in the Category field is numeric, the sigma field appears. You can specify whether you want to display Average Value, Count, Minimum Value, Maximum Value, or Sum of Values for the Category field. In this case, the sigma value is Count.

  • From the data returned by the query, the Series field specifies each row in the table. In this case, the table will have a row for each Risk Factors.

  • The Chart Type is “Table”

• Active CVEs by CVSS Severity & Score. This chart displays CVEs by both CVSS Serverity and CVSS score.

  • This chart queries the asset database and uses the query cve_software.name exists. The query looks for all assets running CVE software.

  • From the data returned by the query, the Category field specifies the values to include in the inner ring and the outer ring. The first value specifies what to display in the outside ring, in this case, CVSS Severity. The second field specifies what to display in the inside ring, in this case CVSS Score.

  • The Chart Type is “Nested Pie”

• Active CVEs by Data Source. This chart displays CVEs by both CVSS Serverity and Data Source.

  • This chart queries the asset database and uses the query cve_software.name exists. The query looks for all assets running CVE software.

  • From the data returned by the query, the Category field specifies the values to include in the inner ring and the outer ring. The first value specifies what to display in the outside ring, in this case, CVSS Severity. The second field specifies what to display in the inside ring, in this case Data Sources.

  • The Chart Type is “Nested Pie”

• Risk Levels and Factors. This chart displays assets by risk level and risk factors.

  • This chart queries the asset database and uses the query Risk Level exists AND Risk_Reasons exists. The query looks for all assets with a risk level and one or more risk factors.

  • From the data returned by the query, the Category field specifies the values to include in the inner ring and the outer ring. The first value specifies what to display in the outside ring, in this case, Risk Level. The second field specifies what to display in the inside ring, in this case Risk Factors.

  • The Chart Type is “Nested Pie”

New Assets & Users (Prev. 7 Days) #

The New Assets & Users (Prev. 7 Days) dashboard displays information about the assets and users first seen in the last seven days.

The New Assets & Users (Prev. 7 Days) dashboard looks like this:

Base Query #

Most of the charts in this dashboard use a query like:

First Time Seen within past 1 week

or

Lucidum Asset Name exists

or

Lucidum User Name exists

These queries search for all assets or all users in Lucidum that were first seen in the past 7 days (new assets and new users)

If you want to edit this dashboard, you can supply a different field in the query. To view all fields for assets, in the Query Builder, scroll through the values for Field. To view all fields for users, in the Query Builder, scroll through the values for Field.

Charts #

• New Assets. This chart displays the count of all new asset records from the last seven days.

  • This chart queries the asset database and uses the query First Time Seen within past 1 week AND Host_Name not match no_serial. The query looks for all assets first seen within the last seven days, excluding the Intune devices with the host name “no_serial”. These Intune devices are devices that do not yet exist but have been created with the Intune autopilot tool.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• New Asset Listing. This chart displays a list of new asset records from the last seven days.

  • This chart queries the asset database and uses the query First Time Seen within past 1 week AND Source Asset Name not match no_serial. The query looks for all assets first seen within the last seven days, excluding the Intune devices with the name “no_serial”. These Intune devices are devices that do not yet exist but have been created with the Intune autopilot tool.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, Lucidum Asset Name, Source Asset Name, and IP Address.

  • The Chart Type is “Table”.

• Data Sources Reporting New Assets. This chart displays the new assets first seen in the last seven days, organized by Data Source.

  • This chart queries the asset database and uses the query First Time Seen within past 1 week. The query looks for all assets first seen within the last seven days.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays one of the Data Sources.

  • The Chart Type is “Pie”.

• Types of New Assets. This chart displays the new assets first seen in the last seven days, organized by asset type.

  • This chart uses the query First Time Seen within past 1 week. The query looks for all assets first seen within the last seven days.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays an Asset Type.

  • The Chart Type is “Pie”.

• Cloud Assets. This chart displays the new assets first seen in the last seven days, organized by whether the new assets are cloud assets or not.

  • This chart queries the asset database and queries the asset database and uses the query First Time Seen within past 1 week. The query looks for all assets first seen within the last seven days.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Cloud Asset (yes/no).

  • The Chart Type is “Pie”.

• New Users. This chart displays the count of all new asset records from the last seven days.

  • This chart queries the user database and uses the query First Time Seen within past 1 week. The query looks for all users first seen within the last seven days.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum User Name.

  • The Chart Type is “Big Number”.

• New User Listing. This chart displays a list of new user records from the last seven days.

  • This chart queries the user database and uses the query First Time Seen within past 1 week. The query looks for all users first seen within the last seven days.

  • From the data returned by the query, the Category fields specifies the columns in the table. In this case, Lucidum User Name, Person Full Name, Location.

  • The Chart Type is “Table”.

• Data Sources Reporting New Users. This chart displays the new users first seen in the last seven days, organized by Data Source.

  • This chart queries the user database and uses the query First Time Seen within past 1 week. The query looks for all users first seen within the last seven days.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Data Sources.

  • The Chart Type is “Pie”.

• Job Titles of New Users. This chart displays the new assets first seen in the last seven days, organized by job title.

  • This chart queries the user database and uses the query First Time Seen within past 1 week. The query looks for all users first seen within the last seven days.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Job Title.

  • The Chart Type is “Pie”.

• Department of New Users. This chart displays the new assets first seen in the last seven days, organized by department.

  • This chart queries the user database and uses the query First Time Seen within past 1 week. The query looks for all users first seen within the last seven days.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Department.

  • The Chart Type is “Pie”.

• Assets In Lucidum. This chart displays the daily count of assets each day for the past 3 months.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists AND Record Generated Time within past 3 months. The query looks for all assets seen within the last three months.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

• Users In Lucidum. This chart displays the daily count of users each day for the past 3 months.

  • This chart queries the user database and uses the query Lucidum User Name exists AND Record Generated Time within past 3 months. The query looks for all users seen within the last three months.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Record Generated Time.

  • The Chart Type is “Bar”.

Patching Summary #

The Patching Summary dashboard displays information about assets that require patching, including a table with details about each asset that requires patching.

The dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Lucidum OS Category in Microsoft Windows, macOS, Linux, Unix

AND

Last Time Seen within past 1 month

AND

Missing Patches exists

These queries search for all compute assets that have been active within the last month and where the Missing Patches field exists.

Charts #

• Compute Assets: Total. This chart displays the total count for all compute assets.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Linux, Unix

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Compute Assets: Total by Platform. This chart displays compute assets and the ratio of OS platforms.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Linux, Unix AND Last Time Seen within past 1 month. The query looks for compute assets that have been active during the last month.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Category.

  • The Chart Type is “Pie”.

• Compute Assets: Patching Status. This chart displays compute assets and the ratio of assets that require patching.

  • This chart queries the asset database and uses the query Compute Patching Status exists. Compute Patching Status is a SmartLabel that searches for assets that are running Windows, Linux, mcOS, Unix, or VMware EXSi AND have an IP address AND have a Lucidum Status of “online” AND the Missing Patches field exists.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Compute Patching Status.

  • The Chart Type is “Pie”.

• Patches Needed: Total. This chart displays the total count for all compute assets that require patching..

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Linux, Unix AND Last Time Seen within past 1 month AND Missing Patches exists. This query searches for all compute assets that have been active within the last month and where the Missing Patches field exists.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Patches Needed by Platform. This chart displays the new assets first seen in the last seven days, organized by job title.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Linux, Unix AND Last Time Seen within past 1 month AND Missing Patches exists. This query searches for all compute assets that have been active within the last month and where the Missing Patches field exists.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Lucidum OS Category.

  • The Chart Type is “Pie”.

• Patches Needed By Department. This chart displays the new assets first seen in the last seven days, organized by job title.

  • This chart queries the asset database and uses the query Lucidum OS Category in Microsoft Windows, macOS, Linux, Unix AND Last Time Seen within past 1 month AND Missing Patches exists. This query searches for all compute assets that have been active within the last month and where the Missing Patches field exists.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Department.

  • The Chart Type is “Pie”.

• Compute Assets: Needing Patches. This chart displays details about the assets that require patching..

  • Lucidum OS Category in Microsoft Windows, macOS, Linux, Unix AND Last Time Seen within past 1 month AND Missing Patches exists. This query searches for all compute assets that have been active within the last month and where the Missing Patches field exists.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Latest Asset Name, Person Full Name, Lucidum OS Version, Model, Serial Number, Missing Patches, and Department.

  • If the value in the Category field is numeric, the sigma field appears. You can specify whether you want to display Average Value, Count, Minimum Value, Maximum Value, or Sum of Values for the Category field. In this case, the sigma value is Count.

  • The Chart Type is “Table”

Users & Assets #

The Users & Assets dashboard displays information about assets, asset types, and the associated users.

The Users & Assets dashboard looks like this:

Base Query #

Most of the charts in this dashboard use a query like:

Lucidum Asset Name exists

or

Lucidum User Name exists

These queries search for all assets or all users in Lucidum.

Some of the queries also look for specific asset types.

If you want to edit this dashboard, you can supply a different field in the query. To view all fields for assets, in the Query Builder, scroll through the values for Field. To view all fields for users, in the Query Builder, scroll through the values for Field.

Charts #

• Asset Records: Total. This chart displays the count of all asset records.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists. The query looks for all assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Servers & VMs. This chart displays the sum of all servers and all VMs.

  • This chart queries the asset database and uses the query Asset Type == Server OR Asset Type == VM. This query searches for all server assets and all VM assets.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Servers/VMs without IPs. This chart displays the total number of servers and VMs that do not have IP addresses.

  • This chart queries the asset database and uses the query Asset Type == Server OR Asset Type == VM AND IP Address empty. This query searches for all server assets that have no IP address and all VM assets that have no IP address.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

  • The Chart Type is “Big Number”.

• Asset Records: By Asset Type. This chart displays the number of assets for each asset type.

  • This chart queries the asset database and uses the query Lucidum Asset Name exists. The query looks for all assets.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Asset Type.

  • The Chart Type is “Bar”.

• User Records: Total. This chart displays the count of all user records.

  • This chart queries the user database and uses the query Lucidum User Name exists. The query looks for all users.

  • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum User Name.

  • The Chart Type is “Big Number”.

• Assets with/without Users. This chart displays assets without users and assets with users.

  • This chart queries the asset database and uses the query Compute Asset exists AND # of Users >= 0. This query searches for all assets that have 0 users and all assets that have more than 0 users.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays # of Users.

  • The Chart Type is “Pie”.

• Servers/VMs with/without Users. This chart displays assets that are servers or VMS, organized by those that without users and those with users.

  • This chart queries the asset database and uses the query Asset Type == Server OR Asset Type == VM. This query searches for all server assets and all VM assets.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays # of Users.

  • The Chart Type is “Pie”.

• Servers/VMs with/without IPs or Without Users. This chart displays the number of servers and VMs that don’t have IP addresses or don’t have users. The chart displays these assets by OS category.

  • This chart queries the asset database and uses the query Asset Type == Server OR Asset Type == VM AND IP Address empty OR # of Users == 0. This query searches for all server assets that have no IP address or no users and all VM assets that have no IP address or no users.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Lucidum OS Category.

  • The Chart Type is “Pie”.

• Servers/VMs with/without IPs. This chart displays the servers and VMs that do not have IP addresses, organized by data source.

  • This chart queries the asset database and uses the query Asset Type == Server OR Asset Type == VM AND IP Address empty. This query searches for all server assets that have no IP address and all VM assets that have no IP address.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum Asset Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Data Sources.

  • The Chart Type is “Bar”.

• User Status. This chart displays all the user statuses and the number of users in each status.

  • For our example, we are using Okta as an SSO solution. This chart queries the user database and uses the query Data Sources match okta_user

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the user’s status (User Status:: Status).

  • The Chart Type is “Bar”.

• Users with Assets. This chart displays users that are associated with assets and the departments for those users.

  • This chart queries the user database uses the query # of Assets >= 1 AND Lucidum User Name exists. This query searches for all users in Lucidum that are associated with 1 or more assets.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Department.

  • The Chart Type is “Pie”.

VMware Summary #

This dashboard provides details about all VMware assets, including datacenters, clusters, hosts, VMs, datastores, resource pools, switches, and port groups.

The dashboard looks like this:

Base Query #

Most of the asset charts in this dashboard use a query like:

Data Sources match VMware Virtual Machines

These queries search for all assets that include data about VMware Virtual Machines (ingested by the VMware Connector).

Charts #

• Clusters per vCenter. This chart displays the total number of VMware clusters, organized by connector profile.

  • This chart queries the asset database and uses the query Data Sources match VMware Cluster. This query searches for all assets aligned with the data source “VMware Cluster”.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name that match the query.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Connector Profile.

  • The Chart Type is “Pie”.

• Host per vCenter. This chart displays the total number of VMware hosts, organized by connector profile.

  • This chart queries the asset database and uses the query Data Sources match VMware Hosts. This query searches for all assets aligned with the data source “VMware Hosts”.

  • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name that match the query.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Connector Profile.

  • The Chart Type is “Pie”.

• Virtual Machines per vCenter. This chart displays the total number of VMware virtual machines, organized by connector profile.

  • This chart queries the asset database and uses the query Data Sources match VMware Virtual Machines. This query searches for all assets aligned with the data source “VMware Virtual Machines”.

• • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum User Name that match the query.

  • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays a Connector Profile.

  • The Chart Type is “Pie”.

• Clusters.  This chart displays a table with details about each VMware cluster.

  • This chart queries the asset database and uses the query Data Sources match VMware Cluster. This query searches for all assets aligned with the data source “VMware Cluster”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description, Memory Size, and CPU Cores.

  • The Chart Type is “Table”.

• Hosts. This chart displays a table with details about each VMware host.

  • This chart queries the asset database and uses the query Data Sources match VMware Hosts. This query searches for all assets aligned with the data source “VMware Hosts”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description, Model, Memory Size, CPU Cores and Service Tag.

  • The Chart Type is “Table”

• Virtual Machines. This chart displays a table with details about each VMware virtual machine.

  • This chart queries the asset database and uses the query Data Sources match VMware Virtual Machines. This query searches for all assets aligned with the data source “VMware Virtual Machines”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description, Lucidum OLS version, Memory Size, and CPU .

  • The Chart Type is “Table”

• Virtual Machines by Host. This charts displays the number of virtual machines per host.

  • This chart queries the asset database and uses the query Data Sources match VMware Virtual Machines. This query searches for all assets aligned with the data source “VMware Virtual Machines”.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name that match the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Host ID.

  • The Chart Type is “Bar”.

• Virtual Machines by Resource Pool. This charts displays the number of virtual machines per resource pool.

  • This chart queries the asset database and uses the query Data Sources match VMware Virtual Machines. This query searches for all assets aligned with the data source “VMware Virtual Machines”.

  • From the data returned by the query, the Category field specifies the values to show on the x-axis. In this case, the x-axis displays a count of Lucidum User Name that match the query.

  • From the data returned by the query, the Series field specifies the values to show on the y-axis. In this case, the y-axis displays the Resource Pool.

  • The Chart Type is “Bar”.

• vCenters. This chart displays a table with details about each vCenter.

  • This chart queries the asset database and uses the query Data Sources match VMware vCenter. This query searches for all assets aligned with the data source “VMware vCenter”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description and Connector Profile.

  • The Chart Type is “Table”.

• Datacenters. This chart displays a table with details about each data center.

  • This chart queries the asset database and uses the query Data Sources match VMware Data Center. This query searches for all assets aligned with the data source “VMware Data Center”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description.

  • The Chart Type is “Table”.

• Datastores. This chart displays a table with details about each data store.

  • This chart queries the asset database and uses the query Data Sources match VMware Datastores. This query searches for all assets aligned with the data source “VMware Data stores”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description.

  • The Chart Type is “Table”.

• Distributed Switches. This chart displays a table with details about each distributed switch.

  • This chart queries the asset database and uses the query Data Sources match VMware Datastores. This query searches for all assets aligned with the data source “VMware Distributed Switches”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description.

  • The Chart Type is “Table”.

• Port Groups. This chart displays a table with details about each port group.

  • This chart queries the asset database and uses the query Data Sources match VMware Networking. This query searches for all assets aligned with the data source “VMware Networking”.

  • From the data returned by the query, the Category field specifies the columns in the table. In this case, the columns are Asset Description.

  • The Chart Type is “Table”.