Location: Business Group: 3. Cost Center

Comprehensive user manual for CySight Ai-Driven Network and Endpoint Detection and Response (NDR, EDR) Forensics and Application Performance Monitoring (APM)

Location: Business Group: 3. Cost Center

The "Cost Center" screen allows maintenance operations on added Cost Centers:

Command Buttons
  • Search
  • Add
  • Modify
  • Delete
  • Anomaly Detection
The bold menu button reflects the current command status.

Image
  • Search - The "Search" button will expand the Search panel.

    ID, Name, Date, IPv4 Allocated, IPv6 Allocated, AS Correlation can all be searched by choosing an operator and entering a value.

    Pressing the "Confirm" button will list the matched Cost Centers.

    Image
  • Add - The "Add" button will expand the panel to allow data entry. Enter in an Cost Center name.

    Pressing the "Confirm" button will add the entered Cost Center.

    Image
    The Cost Center ID is automatically generated.
  • Modify - Highlight an Cost Center using your mouse and then clicking the "Modify" button allows the selected Cost Center Name to be edited.

    Pressing the "Confirm" button will update the selected Cost Center.

    Image
    Only the Cost Center name can be changed.
  • Delete - Highlight an Cost Center using your mouse and then clicking the "Delete" button allows the selected Cost Center Name to be Deleted.

    Pressing the "Confirm" button will Delete the selected Cost Center.

    Image
    Cost Centers that have an Cost Center id less than 10, are not allowed to removed.
    A Deleted Cost Center will appear as an Cost Center id in a query or report if tagged traffic data already exists for the deleted Cost Center.
  • Anomaly Detection - Highlight an Cost Center using your mouse and then clicking the "Anomaly Detection" button allows the selected Cost Center Name to begin generating a Baseline Alert for the highlighted Cost Center.

    Pressing the "Confirm" button will Enter the Forensics Template / Report / Alert Screen from where a simple "SaveNew" is all thats needed for CySight to begin learning and alerting Intelligent Baselines. See Forensics: 7. Creating Anomaly Detection Baseline Alerts and Forensics: 6. NBAD - Anomaly Detection Baseline Alerting.

    Image

    Image
    Too many baseline alerts could theoretically eventually impact netflow data collection or the systems ability to respond. If impact of collection does occur then CySight can be run in a Clustered Collection architecture
Drill Down

Clicking on the "IPv4 Allocated", "IPv6 Allocated" or "AS Correlation" values allows drill down to the respective "IPv4 Allocation", "IPv6 Allocation" or "Autonomous System" screens with the corresponding Cost Center as the criteria.

Image

Clicking on the icons in the right columns allows drill down to an Interface Route view of the forensics screen with the corresponding Cost Center as EITHER the Source Cost Center or the Destination Cost Center as the Criteria.

Image

Image
Top

Return to “CySight User Manual”