From the Asset Group List view, you can display the details of an asset group Asset groups are administratively created objects that group similar assets for specific purposes..
To view the details of an asset group
- Go to Environment > Asset Groups.
Click the icon whose details you want to view.
- Select Full Details.
In the asset groups details, on the upper left side of the page, you see the name, the description, the type of grouping, the number of assets An IP-addressable host, including but not limited to network devices, virtual servers, and physical servers. that are part of that group, and the criteria of grouping.
On the right, you see the status summary for your asset group. It displays the total number of configuration issues An identified configuration of deployed software or features of software that is in use, which is known to be insecure., vulnerabilities, alarms Alarms provide notification of an event or sequence of events that require attention or investigation., and events Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor or external devices such as a firewall.. The circle can display in orange (for alarms and configuration issues), blue for events, and red for vulnerabilities. There is a number inside each circle to indicate the number of alarms, events, vulnerabilities and configuration issues associated with the members of the asset group. You can click each circle to explore the information of each one.
Note: Configuration Issues are only available for AWS Amazon Web Services (AWS) is a suite of cloud computing services from Amazon that make up an on-demand platform giving users access to their computing resources. and Azure Microsoft Azure is a cloud computing platform and infrastructure created by Microsoft for building, deploying, and managing applications and services through a global network of Microsoft-managed data centers. Sensors.
At the bottom, there is a table area with tabs, some of which correspond to the circles. Each tab contains a table with records, if present, for your asset group.
Assets that are part of the group. Click View to go to the details of the asset.
|Software||Software installed on the assets of the group.|
|Services||Services available on the assets of the group.|
|Alarms||Alarms related to the assets of the group.
|Events||Events related to the assets of the group. Click an event to see its details.|
Vulnerabilities related to the assets of the group. You can filter the active or inactive vulnerabilities by clicking the specific radio button. Click a vulnerability A known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. to see its details.
Note: Multiple rows may display for the same vulnerability if it has been reported by more than one source. This may result in a discrepancy between the numbers displayed on the Vulnerabilities tab at the bottom and in the Vulnerabilities counter at the upper right of this page.
|Configuration Issues||Information about operational processes. You can filter the active or inactive configuration issues by clicking the specific radio button. Click a configuration issue to see its details.|
|History||Additions and removals to the group.|
|Scan History||List of the asset scans already run. It includes a time-stamp of the scan, the scan type, the status, and the details of each scan. You can also click the Scan Details link here to download a file containing the details of the most recent authenticated asset group scan here for up to a week after the scan was run.|
The button Actions, located in the upper right side of the page, enables you to access these options:
- Configure Asset Group, see Configuring an Asset Group for more details.
- Delete Asset Group, see Deleting an Asset Group for more details.
- Edit Fields. This option is similar to the one for Assets, see To assign asset fields to an asset or group of assets for more details.
- Assign Credentials to Group Members. This option assigns credentials to the members of the asset group. This option is similar to the one for Assets, see Managing Credentials in USM Anywhere for more details.
- Assign Agent Profile. This option assigns a specific agent profile to the members of the asset group. See Assign AlienVault Agent Configuration Profiles to Asset Groups for more information.
- Set Sensor, see To assign a sensor to an asset group for more details.
- Asset Group Scan, see Running Asset Groups Scans.
- Assign Credentials. This option assigns credentials to current members of the Asset Group and Assets added to the group later. See Managing Credentials in USM Anywhere for more details.
- Authenticated Scan Authenticated scans are performed from inside the machine using a user account with appropriate privileges., see Running Authenticated Asset Groups Scans.
- Schedule Scan Job, see Scheduling Asset Group Scans from Asset Groups, Scheduling Authenticated Asset Group Scans from Asset Groups, and Scheduling Asset Groups Scans from the Job Scheduler Page for more details.
Note: Keep in mind if you assign an asset field to an asset group, you assign the asset field to its members, not to the asset group.