To view the details of an asset

1. Go to Environment > Assets.
2. Next to the name of the asset whose details you want to review, click the icon .

3. Select Full Details.

   

Click the icon to bookmark an item for quick access.

In the upper left side of the page is the name and IP address of the asset, along with additional attributes that describe the particular asset An IP-addressable host, including but not limited to network devices, virtual servers, and physical servers.. One of these fields is the Create event if asset stops sending data. Use this field to configure the amount of time after which you want USM Anywhere to generate events if the asset has not received messages. See Events Created When an Asset Stops Sending Data for more information.

On the right is the status summary for your asset. It displays the total number of alarms Alarms provide notification of an event or sequence of events that require attention or investigation., events Any traffic or data exchange detected by LevelBlue products through a sensor or external devices such as a firewall., vulnerabilities, and configuration issues An identified configuration of deployed software or features of software that is in use, which is known to be insecure.. The circle can be orange (for alarms and configuration issues), blue for events, and red for vulnerabilities. The number inside each circle indicates the number of alarms, events, vulnerabilities, and configuration issues related to the asset. You can click each circle to view the full list of issues represented by that number.

Below the status summary, you can see this information:

• Agent Status. If there is a deployed agent, it displays the connection status of the LevelBlue Agent. You can deploy an agent from here. See The LevelBlue Agent
• Credentials. If the credential has been associated to the asset, it displays its name. You can assign and create the credential from here. See Managing Credentials in USM Anywhere for more information.
• Last Scanned. If it exists, the date of the latest scan. You can schedule jobs from here. See Scheduling Asset Scans from Assets, Scheduling Authenticated Asset Scans from Assets, and Scheduling Asset Scans from the Job Scheduler Page for more information.

In the lower side of the page, there is a table area with tabs, some of them correspond to the circles. Each tab contains a table with records, if present, for your asset.

The following table lists the tabs you see on the page.

Asset Details View Tabs Description

Tab Name	Description
Asset Groups	Asset groups Asset groups are administratively created objects that group similar assets for specific purposes. on which the asset is included.
Software	Software that is installed on the asset. Note: You need to run an authenticated asset scan to have a complete list of installed software.
Services	Services that are available on the asset. Note: You need to run an authenticated asset scan to have a complete list of available services.
BlueApps	BlueApps enabled for the asset.
Alarms	Alarms related to the asset. There is a bubble graph that provides a graphical representation of alarms by intent. The blue circles indicate the number of times that an alarm in an intent occurred. A bigger circle indicates a higher number of alarms. You can hover over each of the circles to get the actual number of alarms per intent. In addition, clicking a blue circle displays a list of only the alarms corresponding to that circle. You can change the displayed period of time by clicking the Last 24 Hours filter.
Events	Events related to the asset. Click an event to see its details.
Vulnerabilities	Vulnerabilities related to the asset. You can filter the active or inactive vulnerabilities by clicking the specific radio button. Click a vulnerability A known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. to see its details. Note: Multiple rows may display for the same vulnerability if it has been reported by more than one source. This may result in a discrepancy between the numbers displayed on the Vulnerabilities tab at the bottom and in the Vulnerabilities counter at the upper right of this page.
Configuration Issues	Information about operational processes. You can filter the active or inactive configuration issues by clicking the specific radio button. Click a configuration issue to see its details.
Scan History	List of the asset scans already run. It includes a time-stamp of the scan, the scan type, the status, and the details of each scan. You can also click the Scan Details link here to download a file containing the details of the most recent authenticated asset scan here for up to a week after the scan was run.
File Integrity	This tab is available if the LevelBlue Agent has been deployed in the asset. It displays stats about File Integrity Monitoring Events. You can configure a time slot on which the events were received. These slots can be last hour, 24 hours, 7 days, 30 days, or 90 days. See File Integrity Monitoring for more information.
Agent	This tab is available if the LevelBlue Agent has been deployed in the asset. It displays information about the agent. You can see the status of the agent (connected or not) and the current version. You can configure a time slot on which the events were received. These slots can be last hour, 24 hours, 7 days, 30 days, or 90 days. You can also see the query history. See The LevelBlue Agent for more information. Users whose role is Manager, can also change the configuration profile. See LevelBlue Agent Configuration Profiles for more information.

In the upper right corner of the page is the Actions button. Use this button to perform the following actions In USM Anywhere you can execute an action from alarms, events, and vulnerabilities to run a scan, get forensic information, or execute a response for a configured BlueApp. on the asset. Your access to these actions may vary based on your user role. See Role-Based Access Control (RBAC) in USM Anywhere for more information:

• Configure Asset: See Editing Assets for more information.
• Delete Asset: See Deleting the Assets for more information.
• Add to Asset Group: See Creating an Asset Group for more information.
• Agent Query: See LevelBlue Agent Events and Queries for more information. This option is available for users whose role is Analyst or Manager.
• Asset Scan: This option displays or not depending on the sensor Sensors are deployed into an on-premises, cloud, or multi-cloud environment to collect logs and other security-related data. This data is normalized and then securely forwarded to USM Anywhere for analysis and correlation. associated with the asset. See Running Asset Scans for more information.
• Assign credentials: See Managing Credentials in USM Anywhere for more information.
• Authenticated Scan Authenticated scans are performed from inside the machine using a user account with appropriate privileges.: See Running Authenticated Asset Scans for more information.
• Scan with BlueApp: See Running Asset Scans Using a BlueApp for more information.
• Schedule Scan Job: See Scheduling Asset Scans from Assets, Scheduling Authenticated Asset Scans from Assets, and Scheduling Asset Scans from the Job Scheduler Page for more information.