| Role Availability | Read-Only | Investigator | Analyst | Manager |
- Go to Environment > Assets.
-
Next to the name of the asset whose details you want to review, click the
icon .
-
Select Full Details.
icon to bookmark an item for quick access.
You can view your bookmarked items by going to the secondary menu and clicking the icon. This will display all of your bookmarked items and provide direct links to each of them.
icon. This will display all of your bookmarked items and provide direct links to each of them.Configuration Issues are only shown on AWS and Azure Sensors.
The alarms and events counts are not updated in real time but instead are calculated every hour. If the counts are not updated, it can happen because new events or alarms are in your environment after the last count.The vulnerabilities and configuration issues counts are updated after every scan.
- Agent Status. If there is a deployed agent, it displays the connection status of the LevelBlue Agent. You can deploy an agent from here. See The LevelBlue Agent
- Credentials. If the credential has been associated to the asset, it displays its name. You can assign and create the credential from here. See Managing Credentials in USM Anywhere for more information.
- Last Scanned. If it exists, the date of the latest scan. You can schedule jobs from here. See Scheduling Asset Scans from Assets, Scheduling Authenticated Asset Scans from Assets, and Scheduling Asset Scans from the Job Scheduler Page for more information.
| Tab Name | Description |
|---|---|
| Asset Groups | Asset groups on which the asset is included. |
| Software | Software that is installed on the asset. Note: You need to run an authenticated asset scan to have a complete list of installed software. |
| Services | Services that are available on the asset. Note: You need to run an authenticated asset scan to have a complete list of available services. |
| BlueApps | BlueApps enabled for the asset. |
| Alarms | Alarms related to the asset. There is a bubble graph that provides a graphical representation of alarms by intent. The blue circles indicate the number of times that an alarm in an intent occurred. A bigger circle indicates a higher number of alarms. You can hover over each of the circles to get the actual number of alarms per intent. In addition, clicking a blue circle displays a list of only the alarms corresponding to that circle. You can change the displayed period of time by clicking the Last 24 Hours filter. |
| Events | Events related to the asset. Click an event to see its details. |
| Vulnerabilities | Vulnerabilities related to the asset. You can filter the active or inactive vulnerabilities by clicking the specific radio button. Click a vulnerability to see its details. Note: Multiple rows may display for the same vulnerability if it has been reported by more than one source. This may result in a discrepancy between the numbers displayed on the Vulnerabilities tab at the bottom and in the Vulnerabilities counter at the upper right of this page. |
| Configuration Issues | Information about operational processes. You can filter the active or inactive configuration issues by clicking the specific radio button. Click a configuration issue to see its details. |
| Scan History | List of the asset scans already run. It includes a time-stamp of the scan, the scan type, the status, and the details of each scan. You can also click the Scan Details link here to download a file containing the details of the most recent authenticated asset scan here for up to a week after the scan was run. |
| File Integrity | This tab is available if the LevelBlue Agent has been deployed in the asset. It displays stats about File Integrity Monitoring Events. You can configure a time slot on which the events were received. These slots can be last hour, 24 hours, 7 days, 30 days, or 90 days. See File Integrity Monitoring for more information. |
| Agent | This tab is available if the LevelBlue Agent has been deployed in the asset. It displays information about the agent. You can see the status of the agent (connected or not) and the current version. You can configure a time slot on which the events were received. These slots can be last hour, 24 hours, 7 days, 30 days, or 90 days. You can also see the query history. See The LevelBlue Agent for more information. Users whose role is Manager, can also change the configuration profile. See LevelBlue Agent Configuration Profiles for more information. |
- Configure Asset: See Editing Assets for more information.
- Delete Asset: See Deleting the Assets for more information.
- Add to Asset Group: See Creating an Asset Group for more information.
- Agent Query: See LevelBlue Agent Events and Queries for more information. This option is available for users whose role is Analyst or Manager.
- Asset Scan: This option displays or not depending on the sensor associated with the asset. See Running Asset Scans for more information.
- Assign credentials: See Managing Credentials in USM Anywhere for more information.
- Authenticated Scan: See Running Authenticated Asset Scans for more information.
- Scan with BlueApp: See [Running Asset Scans Using a BlueApp] for more information.
- Schedule Scan Job: See Scheduling Asset Scans from Assets, Scheduling Authenticated Asset Scans from Assets, and Scheduling Asset Scans from the Job Scheduler Page for more information.