Page tree

Overview

In the Detection screen, the Detection score focuses on the incoming activity of Armor services. You can use these scores to determine if Armor is receiving the necessary data to perform useful security checks for your environment. 

For Armor Complete, these services are: 

  • Malware Protection
  • FIM
  • Filebeat (for Linux)
  • Winlogbeat (for Windows)

For Armor Anywhere, these services are: 

  • Malware Protection
  • FIM
  • IDS
  • Filebeat (for Linux)
  • Winlogbeat (for Windows)
  • Vulnerability Scanning

Widgets and graph

WidgetDescription
Detection Score

This widget calculates a score based on:

  • Armor services that are collecting logs
  • Agents that are powered on
Score rangeHealth status
10 - 8Good
7 - 4

Fair

3 - 1Poor
Events Analyzed

An event is any log that passes an Armor agent.

Malware Protection, File Integrity Monitoring, Log and Event Management, and Patching contain a subagent.

This widget displays data from the previous month.

Services ReportingThis widget displays the percentage of agents that are receiving events. You can use this number to determine overall if your subagents are running properly.
Detection Score TrendThis graph displays the history of your detection scores.

Detection Events table 

The Detection Events table displays information for the past seven days. This table will update every day. 

ColumnDescription
DateThis column displays the date that Armor received the log.
Total EventsThis column displays the number of logs received for that day.
CategoryThis columnd display the type of log received from the Total Events column. This column lists the subagent for the collected logs.


Related documentation 



In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.