Threat Map

The threat map is your first indicator of a threat detected by Sandfly. If data appears in red then Sandfly detected a problem. Use the UI to dig deeper into the situation.

Threat Stats

The boxes at the top indicate how many alerts, errors and passed checks Sandfly has seen. Plus you can see how many active hosts are recently seen in the system.

A screenshot of the Sandfly Hero screen

Sandfly Hero Screen

Clicking anywhere within each box drills you down into the resulting data. For instance, the Alerts box takes you to a filtered view of only alerts.

Security Zones Violations

A list of SSH Security Zones that are currently violated is shown in another section of the dashboard.

A screenshot of the Security Zones Violations widget

Violations in Security Zones

Up to 5 zones in violation will be displayed, with an indicator to go to the View Zones page if there are more than 5 (like on Host Alerts).

New SSH Keys

Further down the dashboard is a section showing new SSH keys that have been detected by Sandfly within the last 72 hours. The table shows the 5 most recent keys, however the "Plus x more ..." button can be used to display the full list.

The ability to see when new SSH Keys appear is a further aid in protecting your infrastructure from unexpected activities.

New SSH Keys Widget

New SSH Keys Widget

Updated 12 days ago