Viewing Details About Data Sources for Assets and Users

The Data Sources pages display all the data sources that contribute data to asset records and user records.

You can view metrics about each data source. You can also drill down and see which assets and which users are associated with each data source.

Lucidum connectors provide the data to your lucidum system. Connectors allow Lucidum to ingest data from your environment and discover, identify, and classify assets, data, and users. Lucidum includes pre-built connectors for the most commonly used solutions for security, vulnerability scanning, cloud, data warehouse, identity management, logs, network, endpoint management, IP management, file sharing, and devops.

Data sources map to connectors. For example, if you configure a connector for SentineOne, and Lucidum uses that connector to ingest data about an asset, then SentinelOne is listed as a data source.

Data Sources for Assets #

To view data sources for assets:

1. Go to Data Sources (the database icon).

2. In the Data Sources page, click the Assets tab.

   

3. The Data Sources page displays the following for each data source associated with assets:

   • Asset Data Source. Name of the data source. Clicking on a link for an asset data source leads to the Assets in Data Source page, where you can view details about all asset data ingested from the data source.

   • Range of Records per Ingestion. The number of records Lucidum ingests from the data source per ingestion.

   • Count of Duplicates. Number of instances of more than one asset with a duplicate field value. Lucidum machine-learning resolves this duplicates.If the value in this column is not zero (0), clicking on the number of duplicates leads to Duplicate Fields in Data Source modal page, where you can view details about duplicates.

   • Unique Assets. Number of unique assets from the data source.

   • Ingested Fields. Number of fields ingested from this data source. Clicking on a link for the number of ingested fields leads to the Fields in Data Source page, where you can view details about each field ingested from the selected data source.

Assets in Data Source #

The Assets in Data Source page displays all the assets that use the selected data source. To view this page:

1. Go to Data Sources (the database icon).

2. In the Data Sources page, click the Assets tab.

3. Click the link for one of the data sources in the Asset Data Source column.

4. The Assets in Data Source page appears.

   

5. The Assets in Data Source page displays the following about each asset that uses the data source:

   • Lucidum Asset Name. The name of the asset as it appears in Lucidum. Lucidum uses machine learning to deduplicate, triangulate, and aggregate records. The Lucidum Asset Name is a result of these machine learning tasks.

   • Asset Type. Lucidum asset type. For example, “server”, “container”, “vm”, or “workstation”. Lucidum uses machine learning to deduplicate, triangulate, and aggregate records. The Lucidum Asset Type is a result of these machine learning tasks.

   • Lucidum User Name. The user name as it appears in Lucidum. Lucidum uses machine learning to deduplicate, triangulate, and aggregate records. The Lucidum User Name is a result of these machine learning tasks. Clicking on a link in the Lucidum User Name column spawns the Viewing Details page for that user.

   • Data Category. Lucidum data category. This value usually describes the department that is using the data, for example, “Customer Support”, “Legal”, or “Sales”. Lucidum uses machine learning to deduplicate, triangulate, and aggregate records. The Lucidum Data Category is a result of these machine learning tasks.

   • First Time Seen. First time Lucidum found the asset.

   • Last Time Seen. Most recent update by Lucidum.

Duplicates in Data Source (Assets) #

The Duplicate Fields in Data Source page displays details about assets or users from a selected data source that have duplicate parameters. For example, assets from CrowdStrike Falcon with duplicate MAC addresses or assets with duplicate Serial Numbers.

1. Go to Data Sources (the database icon).

2. In the Data Sources page, click the Assets tab.

3. In the Data Sources page, click the value in the Count of Duplicates column.

4. The Duplicates in Data Source page appears.

   

The Duplicates in Data Source page displays the following about each duplicate collected by the data source:

• Field Name. The type of duplicate. For example, duplicated asset name with multiple serial number.

• Down arrow. Expands to show the list of duplicates.

• Count of Duplicates. Number of duplicates for the field name.

The Fields in Data Source page displays all the fields collected by the selected data source. To view this page:

1. Go to Data Sources (the database icon).

2. In the Data Sources page, click the Assets tab.

3. In the Data Sources page, click the value in the Ingested Fields column.

4. The Fields in Data Source page appears.

   

5. The Fields in Data Source page displays the following about each field collected by the data source:

   • Field. This column displays the list of fields that Lucidum ingests from the data source.

   • Non-Missing Count. Number of times that Lucidum ingested this field from the selected data source.

   • Missing Count. Number of times that Lucidum was unable to ingest this field from the selected data source.

   • Missing Percentage ( % ). Percentage of Missing Count compared to the total number of times Lucidum has ingested data from the data source.

   NOTE: Non-Missing Count, Missing Count, and Missing Percentage do not directly correlate to the number of Lucidum assets. Lucidum ingests data at least once a day and then updates data for existing assets.

   • Unique Count. Number of times the field was ingested only from this data source.

   • Unique Percentage. Percentage of times the field was ingested only from this data source.

   • Minimum. For numeric fields, the maximum value ingested from the data source.

   • Maximum. For numeric fields, the minimum value ingested from the data source.

Data Sources for Users #

To view data sources for assets:

1. Go to Data Sources (the database icon).

2. In the Data Sources page, click the Users tab.

   

3. The Data Sources page displays the following for each data source associated with users:

   • User Data Source. Name of the data source. Clicking on a link for a user data source leads to the Users in Data Source page, where you can view details about all user data ingested from the data source.

   • Range of Records per Ingestion. The number of records Lucidum ingests from the data source per ingestion.

   • Count of Duplicates. Number of instances of more than one user with a duplicate field value. Lucidum machine-learning resolves this duplicate.

   • Unique Assets. Number of unique users from the data source.

   • Ingested Fields. Number of fields ingested from this data source. Clicking on a link for the number of ingested fields leads to the Fields in Data Source page, where you can view details about each field ingested from the selected data source.

Users in Data Source #

The Assets in Data Source page displays all the assets that use the selected data source. To view this page:

1. Go to Data Sources (the database icon).

2. In the Data Sources page, click the Users tab.

3. In the Data Sources page, click a link in the User Data Source column.

4. The Users in Data Source page appears.

   

5. The Users in Data Source page displays the following about each asset that uses the data source:

   • Lucidum User Name. The name of the user as it appears in Lucidum. Lucidum uses machine learning to deduplicate, triangulate, and aggregate records. The Lucidum User Name is a result of these machine learning tasks.

   • Lucidum Asset Name. One or more asset names associated with the user. Lucidum uses machine learning to deduplicate, triangulate, and aggregate records. The Lucidum Asset Name is a result of these machine learning tasks. Clicking on a link in the Lucidum Asset Name column spawns the Viewing Details page for that asset.

   • Email. The email address associated with the user.

   • Manager. The name of the manager associated with the user.

   • First Time Seen. First time Lucidum found the user.

   • Last Time Seen. Most recent update of the user by Lucidum.

Fields in Data Source (Users) #

The Fields in Data Source page displays all the fields collected by the selected data source. To view this page:

1. Go to Data Sources (the database icon).

2. In the Data Sources page, click the User tab.

3. In the Data Sources page, click the value in the Ingested Fields column.

4. The Fields in Data Source page appears:

   

5. The Fields in Data Source page displays the following about each field collected by the data source:

   • Field. This column displays the list of fields that Lucidum ingests from the data source.

   • Non-Missing Count. Number of times that Lucidum ingested this field from the selected data source.

   • Missing Count. Number of times that Lucidum was unable to ingest this field from the selected data source.

   • Missing Percentage ( % ). Percentage of Missing Count compared to the total number of times Lucidum has ingested data from the data source.

   NOTE: Non-Missing Count, Missing Count, and Missing Percentage do not directly correlate to the number of Lucidum assets. Lucidum ingests data at least once a day and then updates data for existing assets.

   • Unique Count. Number of times the field was ingested only from this data source.

   • Unique Percentage. Percentage of times the field was ingested only from this data source.

   • Minimum. For numeric fields, the maximum value ingested from the data source.

   • Maximum. For numeric fields, the minimum value ingested from the data source.