Inventory Dashboards

The pre-built Value-Oriented Dashboards include the following inventory dashboards:

  • Asset Inventory. This dashboard displays information about assets including data sources, risk level, critical vulnerabilities, location, type, operating systems, ISPs, CVEs, and users.

  • Asset Overview w/Users. This dashboard displays details about assets including asset types, servers, VMs, workstations, mobile devices, containers, microservices, and information about users for those assets.

  • Assets. This dashboard lists all the assets in your Lucidum system and details about each asset.

  • Change Tracking. This dashboard displays information about assets and users over time.

  • Coverage Gaps: CrowdStrike. This dashboard displays information about assets that are not running CrowdStrike, including a monthly burndown chart to track new CrowdStrike installations.

  • Coverage Gaps: SentinelOne. This dashboard displays information about assets that are not running SentinelOne, including a monthly burndown chart to track new SentinelOne installations.

  • Lucidum CAASM Summary. This dashboard displays security information assets, users, risk, and vulnerabilities.

  • New Assets & Users (Prev. 7 Days). The New Assets & Users (Prev. 7 Days) dashboard displays information about the assets and users first seen in the last seven days.

  • Users & Assets. This dashboard displays information about assets, asset types, and the associated users.

Required Connectors #

To find all the assets in your environment and the vulnerability and risk information about the assets in your environment, Lucidum recommends you configure Lucidum connectors for:

  • The Endpoint Management solutions in your environment (for example, Jamf, Intune, Citrix Endpoint Management, Symantec Endpoint Management, Hexnode)

  • The Endpoint Protection solutions in your environment (for example, Trellix Endpoint Security, Symantec Endpoint Protection, SentinelOne, Crowdstrike Falcon, Microsoft Defender for Endpoint )

  • The Endpoint Detection and Response solutions in your environment (for example, SentinelOne, Falcon Crowdstrike, Trend Micro XDR, Check Point Harmony Endpoint, Cortex XDR)

  • The cloud security solutions in your environment for cloud assets (for example, Netskope, Illumio Core, Orca, Tenable Vulnerability Management, Trend Micro Cloud One, Sophos Central)

  • The anti-virus solutions or vulnerability management solutions in your environment (for example, Burp Suite, Cycognito, Greenbone, Kenna, MS Defender, Qualys, Rapid7, Tenable, Vulcan)

  • The Mobile Device Management solutions in your environment (for example, Addigy, Citrix Endpoint, Jamf Pro, Kandji)

  • The directory solutions in your environment (For example, Azure AD, Microsoft AD, Jump Cloud, PingOne, OpenLDAP,)

  • The DHCP solutions in your environment (For example, Infoblox, Efficient IP, BlueCat)

  • The VPN solutions in your environment (For example, Cisco AnyConnect, FortiClient, Palo Alto VPN, Citrix Gateway, Zscaler Private Access)

  • The cloud solutions in your environment (for example, AWS, Azure, Google Cloud, Oracle Cloud)

Asset Inventory #

The Asset Inventory dashboard displays information about assets including data sources, risk level, critical vulnerabilities, location, type, operating systems, ISPs, CVEs, and users.

The Asset Inventory dashboard looks like this:

inventory_asset-inventory.png

Base Query #

Most of the charts in this dashboard use a query like:

Risk Level exists

or

Asset Type exists

These queries search for all risk levels or all asset types for all assets in Lucidum.

If you want to edit this dashboard, you can supply a different field in the query. To view all fields for assets, in the Query Builder, scroll through the values for Field.

Charts #

  • Asset Data Sources. This chart displays the data sources that contribute to the list of Lucidum Asset Names.

    • This chart uses the query Data Source exists

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Data Sources.

    • The Chart Type is “Pie”.

  • Assets by Risk Level. This chart displays the number of assets at each Risk Level (low, medium, and high)

    • This chart uses the query Risk Level exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays the Risk Level.

    • The Chart Type is “Bar”.

  • Assets w/Critical Vulns. This chart displays the assets that has a risk level of “high”.

    • This chart uses the query Risk Level match 3-high

    • From the data returned by the query, the Category fields specifies the columns in the table. In this case, the columns are a count of Critical Vulns,

    • From the data returned by the query, the Series field specifies the row in the table. In this case, the table will have a row for each Lucidum Asset Name.

    • The Chart Type is “Table”.

  • Asset Locations. This chart displays the location for all assets.

    • This chart uses the query Location exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays the Location.

    • The Chart Type is “Bar”.

  • Asset Types. This chart displays the asset types for all assets.

    • This chart uses the query Asset Type exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays the Asset Type.

    • The Chart Type is “Bar”.

  • User Data Sources. This chart displays the data sources that contribute to the list of Lucidum User Names.

    • This chart uses the query Data Source exists

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays one of the Data Sources.

    • The Chart Type is “Pie”.

  • Top-n Operation Systems. This chart displays the top 20 operating systems used by assets.

    • This chart uses the query OS and Version exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays the Lucidum OS Version.

    • The Chart Type is “Bar”.

  • Top-n ISPs Used for Access. This chart displays the top 20 ISPs used by assets.

    • This chart uses the query ISP exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays the ISP.

    • The Chart Type is “Bar”.

  • Top-n CVEs Reported. This chart displays the top 20 CVEs present in assets.

    • This chart uses the query CVE List exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum Asset Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays entries from the CVE List.

    • The Chart Type is “Bar”.

Asset Overview w/Users #

The Asset Overview w/Users dashboard displays details about assets including asset types, servers, VMs, workstations, mobile devices, containers, microservices, and information about users for those assets.

The Asset Overview w/Users dashboard looks like this:

inventory_asset-overview-w-users.png

Base Query #

  • Most of the asset charts in this dashboard use a query like:

Asset Type match Workstation

or

Asset Type match Mobile

These queries search for all assets of asset type “workstation” or all assets of asset type “mobile”.

If you want to edit these charts, you can supply a different field in the query. To view all fields for assets, in the Query Builder, scroll through the values for Field.

  • Most of the user charts in this dashboard use a query like:

Department exists

or

Location exists

These queries search for all departments for all users or all locations for all users.

If you want to edit these charts, you can supply a different field in the query. To view all fields for user, in the Query Builder, scroll through the values for Field.

Charts #

  • All Assets by Type. This chart displays the asset types for all assets.

    • This chart queries the asset database and uses the query Asset Type exists

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays an Asset Type.

    • The Chart Type is “Pie”.

  • Servers & VMs. This chart displays a count of the sum of all severs and all VMs.

    • This chart queries the asset database and uses the query Asset Type match server OR Asset Type match VM AND Asset Type not match image. This query searches for server assets and VM assets but not VM image assets.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Workstations. This chart displays the count of all workstations.

    • This chart queries the asset database and uses the query Asset Type match Workstation. This query searches for workstation assets.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Mobile Devices. This chart displays the count of all mobile devices

    • This chart queries the asset database and uses the query Asset Type match Mobile. This query searches for mobile assets, like laptops, tablets, and phones.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Containers and Microservices. This chart displays a count of the sum of all containers and all microservices.

    • This chart queries the asset database and uses the query Asset Type match container OR Asset Type match Micro_Service. This query searches for container assets and microservice assets.

    • From the data returned by the query, the Category field specifies the value to show in the chart. In this case, the chart displays a count of Lucidum Asset Name.

    • The Chart Type is “Big Number”.

  • Data Sources Contributing Asset Records. This chart displays the data sources that contribute to the list of all assets.

    • This chart queries the asset database and uses the query Asset Type exists

    • From the data returned by the query, the Category field specifies the values to use to calculate the entire pie. In this case, the entire pie is the total count of Lucidum Asset Names.

    • From the data returned by the query, the Series field specifies the value to show in each slice of the pie. In this case, each slice displays Encrypted (yes/no).

    • The Chart Type is “Pie”.

  • Users by Department. This chart displays the top 20 departments for all users.

    • This chart queries the user database and uses the query Department exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum User Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays one of the Department.

    • The Chart Type is “Bar”.

  • Users by Location. This chart displays the top locations for all users.

    • This chart queries the user database and uses the query Location exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum User Name.

    • From the data returned by the query, the Series field specifies the values to show on the x-axis. In this case, the x-axis displays the Location.

    • The Chart Type is “Bar”.

  • Users by Manager. This chart displays the top 20 managers for all users.

    • This chart queries the user database and uses the query Manager exists

    • From the data returned by the query, the Category field specifies the values to show on the y-axis. In this case, the y-axis displays a count of Lucidum User Name.

    • From the data returned by the query, the