Viewing Asset Group Details

Role Availability Read-Only Investigator Analyst Manager

From the Asset Group List view, you can display the details of an asset group Asset groups are administratively created objects that group similar assets for specific purposes..

To view the details of an asset group

  1. Go to Environment > Asset Groups.
  2. Click the icon whose details you want to view.
  3. Select Full Details.

In the asset groups details, on the upper left side of the page, you see the name, the description, the type of grouping, the number of assets An IP-addressable host, including but not limited to network devices, virtual servers, and physical servers. that are part of that group, and the criteria of grouping.

On the right, you see the status summary for your asset group. It displays the total number of configuration issues An identified configuration of deployed software or features of software that is in use, which is known to be insecure., vulnerabilities, alarms Alarms provide notification of an event or sequence of events that require attention or investigation., and events Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor or external devices such as a firewall.. The circle can display in orange (for alarms and configuration issues), blue for events, and red for vulnerabilities. There is a number inside each circle to indicate the number of alarms, events, vulnerabilities and configuration issues associated with the members of the asset group. You can click each circle to explore the information of each one.

Note: Configuration Issues are only available for AWS Amazon Web Services (AWS) is a suite of cloud computing services from Amazon that make up an on-demand platform giving users access to their computing resources. and Azure Microsoft Azure is a cloud computing platform and infrastructure created by Microsoft for building, deploying, and managing applications and services through a global network of Microsoft-managed data centers. Sensors.

At the bottom, there is a table area with tabs, some of which correspond to the circles. Each tab contains a table with records, if present, for your asset group.

Asset Groups Details view tab description
Tab Information Shown

Assets that are part of the group. Click View to go to the details of the asset.

Software Software installed on the assets of the group.
Services Services available on the assets of the group.
Alarms Alarms related to the assets of the group. There is a bubble graph that provides a graphical representation of alarms by intent. Blue circles indicate the number of times that an alarm in an intent showed. A bigger circle indicates a higher number of alarms. You can hover over each of the circles to get the actual number of different types of intent. In addition, if you click any of the blue circles, they display only the alarms corresponding to that circle. You can change the displayed period of time by clicking the Last 24 Hours filter.
Events Events related to the assets of the group. Click an event to see its details.

Vulnerabilities related to the assets of the group. You can filter the active or inactive vulnerabilities by clicking the specific radio button. Click a vulnerability A known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. to see its details.

Note: Multiple rows may display for the same vulnerability if it has been reported by more than one source. This may result in a discrepancy between the numbers displayed on the Vulnerabilities tab at the bottom and in the Vulnerabilities counter at the upper right of this page.

Configuration Issues Information about operational processes. You can filter the active or inactive configuration issues by clicking the specific radio button. Click a configuration issue to see its details.
History Additions and removals to the group.
Scan History List of the asset scans already run. It includes a time-stamp of the scan, the scan type, the status, and the details of each scan. You can also click the Scan Details link here to download a file containing the details of the most recent authenticated asset group scan here for up to a week after the scan was run.

The Actions button, located in the upper right side of the page, enables you to access the following options. Your access to these actions may vary based on your user role. See Role-Based Access Control (RBAC) in USM Anywhere for more information: