Insights
Insights is the operational intelligence hub of DTACT, bringing together visualization, alerting, and case management capabilities to monitor, investigate, and respond to security events.
Core Applications
| Application | Purpose | Key Actions |
|---|---|---|
| Dashboards | Visual displays combining multiple panes | Create, customize, export to PDF |
| Panes | Individual visualizations from queries | Build charts, tables, gauges |
| Detections | Automated monitoring rules | Monitor data, generate alerts |
| Alerts | Events flagged by detections | Triage, investigate, escalate |
| Cases | Structured investigations | Collect evidence, collaborate, resolve |
Workflow
Data Sources → Detections → Alerts → Cases → Resolution
↓
AI Triage
How It Works
- Detections continuously monitor your data for specific conditions
- Alerts are automatically created when detection criteria are met
- AI Triage analyzes alerts and provides investigation guidance (optional)
- Cases organize related alerts and evidence for investigation
- Resolution documents findings and closes the investigation loop
Quick Links
Navigation
- Dashboards — Build visual displays for monitoring and reporting
- Panes — Create individual visualizations
- Detections — Set up automated monitoring
- Alerts — Manage security events
- Cases — Conduct investigations