A status dashboard contains widgets from which you can view and manage data. Widgets are the building blocks of status dashboards. For more information about widgets, see Adding Widgets to Dashboards below. They provide information about different aspects of your Grid and networks. For example, the Member Status widget provides general information about a Grid member, and the Network Statistics widget provides data for a specified network.

The appliance provides a default status dashboard. Grid Manager displays the default dashboard only when there is more than one widget on the dashboard. You can add and modify widgets in the default dashboard, but you cannot rename or delete it. From a dashboard, you can access your most commonly accessed tasks and monitor appliance status. You can configure your own status dashboards to which you can add widgets that help you manage different data. Configuring multiple status dashboards helps organize widgets in a meaningful way and improves dashboard and widget performance. This is especially useful when you have a Grid serving a large number of Grid members. When you configure a new dashboard, you can use the existing dashboard as a template. You can create up to 100 copies at a time using the Add Dashboard option. For information about how to add status dashboards, see Adding Status Dashboards below.

You can add widgets to different dashboards, however, you can add only one widget at a time on each dashboard. The default number of widgets per dashboard is 10. The maximum number of widgets that you can add on each dashboard is 20 at a time. You can define the number of widgets that can be configured on each dashboard in User Profile. This limitation applies only to dashboards that you configure and does not apply to the default dashboard. For information about how to specify the widget limit, see Configuring Widget Limit per Dashboard below.

Grid Manager provides a default Security dashboard if you have installed any or all of the following licenses on the appliance: Threat Protection, RPZ, and Threat Analytics Insight. The Security dashboard contains widgets that help you monitor the security status of the Grid. In the Security dashboard, you can add and remove widgets, but you cannot rename or delete them.

...

If you have configured a lot of status dashboards, you can use the Quick Navigation icon to quickly access each status dashboard. For information, see Using Quick Navigation below. The Status Dashboard figure below illustrates the typical layout in Grid Manager after you configure multiple status dashboards.

Anchor

	Status_Dashboard
	Status_Dashboard

Status Dashboard

...

Add new status dashboards, as described inAdding Status Dashboards below.
Rename a dashboard, as described in Renaming Status Dashboards below.
Copy or move a widget, as described in Copying or Moving Widgets below.
Reorder dashboards, as described in Reordering Status Dashboards below.
Delete dashboards, as described in Deleting Status Dashboards below.
Configure widget limit#limit, as described in Configuring Widget Limit per Dashboard below.
Configure Security dashboard properties, as described in Configuring Security Status Thresholds below.

Anchor
Adding_Widgets_to_Dashboards
Adding_Widgets_to_Dashboards
Adding Widgets to Dashboards

...

Grid Manager displays the Security dashboard if you have any or all of the following licenses installed on your appliance: Threat Protection, RPZ, and Threat Analytics Insight. The Security dashboard contains the following widgets, depending on the licenses installed on your appliance:

...

Default Status Dashboard: From the Dashboards -> Status tab -> Default tab, click the Configure icon -> Add Content. This is applicable when you have the default dashboard only.
Configured Status Dashboards: From the Dashboards -> Status tab, select the configured status dashboard, click the Configure icon -> Add Content.
Security Status Dashboard: From the Dashboards -> Status tab -> Security tab, click the Configure icon -> Add Content. This is applicable only when at least one member in the Grid has Threat Protection, RPZ, or Threat Analytics Insight license. Note that the Security Status dashboard is a default dashboard and it cannot be renamed or deleted.
Grid Manager displays thumbnails of the available widgets. Use the scroll bar on the right to scroll through the widgets, as illustrated in the below Widgets Panel figure.
Click an icon on the filter panel, as illustrated in the Widgets Panel figure, to add a widget to the desired dashboard. The Filter panel is categorized into the following:
Cloud icon
Security icon
DNS/DHCP icon
Reset icon
When you click on an icon, Grid Manager displays thumbnails of the widgets belonging to the respective filter. If you click filters one after the other without clicking Reset, Grid Manager displays thumbnails of all widgets along with the icon that indicates the category to which the widget belongs. Click Reset to view only those widgets that belong to the selected category.

Select and drag a widget to the desired location on your dashboard. You can also click icon to add a widget to the desired dashboard.
After you add a widget to the dashboard, you can configure it to provide relevant data. You can also copy or move a widget, by selecting and dragging it to its new location on your dashboard. Grid Manager saves your dashboard configuration and displays it the next time you log in.
You can turn on auto-refresh by clicking On in the Turn Auto Refresh field at the top of the dashboard to periodically refresh the contents of all widgets in the dashboard. Click Off to disable auto-refresh for all widgets in the dashboard. When auto-refresh is disabled, you can enable it for individual widgets by clicking the Configure icon in the corresponding widgets. You can specify the auto-refresh period in seconds. The default auto-refresh period is 30 seconds.

Warning

title	Warning

If the Detailed Status panel is open, the following actions take place:

Grid Manager auto refreshes at a rate of 30 seconds.
Widgets that support user-specified auto refresh, refresh at the rate specified in the Auto Refresh Period field.

Therefore, even if you set the session timeout to be to greater than the auto refresh rate, auto refresh still takes place. The Grid Manager session does not time out because auto refresh takes precedence over the session timeout.

Widgets have the following icons:

Copy/Move: Click to copy or move the widget from a dashboard to another. For information about how to copy or move, see Copying or Moving Widgets below.
Span Up/Span Down: Click to resize the widget. Click Span Up to increase the width of the widget. Click Span Down to decrease the width of the widget. Note that the fully spanned widgets are moved to the top of the dashboard.
Refresh: Click to update the content of the widget. Each widget contains a status bar at the bottom that displays the last date and time it was updated.
Configure: Click to hide and show the configuration options of the widget.
Toggle: Click to minimize and restore the widget.
Close: Click to remove the widget from a dashboard.

...

You can use the Quick Navigation icon to quickly access a specific dashboard. The appliance provides the Quick Navigation icon at the right corner of the status dashboards, as illustrated in the Status Dashboardfigure above.

To quickly navigate to a dashboard, complete the following:

...

You can configure thresholds to determine the overall status of Threat Protection, DNS RPZ (Response Policy Zone), and DNS Threat Analytics Insight services in the Grid. Grid Manager provides a view of the overall security status of the Grid in the Security Status for Grid dashboard widget. For information, see Security Status for Grid below.

To configure the thresholds for security status, complete the following:

From the Dashboards -> Status tab, click the Configure icon -> Global Dashboard Properties.
In the Global Dashboard Properties editor, complete the following:
- Threat Protection Thresholds: Define the thresholds for each severity level of the threat protection events for the following colors:
  - Yellow: Specify the low threshold value for Critical, Major, and Warning severity level. The default values are 1, 20, and 100 for Critical, Major, and Warning respectively.
  - Red: Specify the high threshold value for Critical, Major, and Warning severity level. The default values are 5, 100, and 1000 for Critical, Major, and Warning respectively.
    Depending on the specified thresholds, Grid Manager determines the status of threat protection service as follows, which is displayed in the Status column of the Security Status for Grid widget:
    - Green (OK): When the number of threat protection events are less than the low threshold value specified for the yellow color for all the severity levels
    - Yellow (Warning): When the number of threat protection events equals or exceeds the threshold value specified for the yellow color but less than the threshold value specified for the red color for any of the severity levels.
    - Red (Critical): When the number of threat protection events equals or exceeds the high threshold value specified for the red color for any of the severity levels.
  - Response Policy Zone Thresholds: Define the threshold values for the following colors to determine the overall status of RPZ:
    - Yellow: Specify the low threshold value for Blocked, Substitute, and Passthru RPZ rules. The default values are 10, 1, and 100 for Blocked, Substitute, and Passthru respectively.
    - Red: Specify the high threshold value for Blocked, Substitute, and Passthru RPZ rules. The default values are 100, 10, and 1000 for Blocked, Substitute, and Passthru respectively.
      Depending on the specified thresholds, Grid Manager determines the status of RPZ as follows, which is displayed in the Status column of the Grid Security Status widget:
      - Green (OK): When the number of RPZ hits are less than the low threshold value specified for the yellow color for all the rule types.
      - Yellow (Warning): When the number of RPZ hits equals or exceeds the threshold value specified for the yellow color but less than the threshold value specified for the red color for any of the rule types.
      - Red (Critical): When the number of RPZ hits equals or exceeds the high threshold value specified for the red color for any of the rule types.
    - Threat Analytics Insight Thresholds: Define the thresholds for the following colors, to determine the overall status of DNS Threat AnalyticsInsight:
      - Yellow: Specify the low threshold value for DNS Tunneling events. The default value is 1.
      - Red: Specify the high threshold value for DNS Tunneling events. The default value is 5.
        Depending on the specified thresholds, Grid Manager determines the status of DNS Threat Analytics Insight as follows, which is displayed in the Status column of the Grid Security Status widget:
        Green(OK): When the number of DNS tunneling attacks are less than the low threshold value specified for the yellow color.
        Yellow(Warning): When the number of DNS tunneling attacks equals or exceeds the threshold value specified for the yellow color but less than the threshold value specified for the red color.
        Red(Critical): When the number of DNS tunneling attacks equals or exceeds the high threshold value specified for the red color.
Save the configuration.

...

This section also displays the overall operational status of the DNS, DHCP, NTP, FTP, TFTP, HTTP (File Distribution), bloxTools, Captive Portal, Cloud Sync (Cloud DNS Sync in 9.0.x versions prior to 9.0.4), DNS Accelerator usage, and Reporting services that are currently running on the Grid. The status icon can be one of the following:

...

Click the Configuration icon again to hide the configuration panel after you complete the modification.

Grid Manager displays the hostname of the appliance at the top of the widget. You can click the name link to view detailed information about the appliance. The widget also displays the upgrade status if the member is currently in the process of an upgrade. If the member is scheduled for an upgrade, the Scheduled for upgrade link appears. You can click this link to access the Grid tab -> Upgrade tab to view more details about the date and time of the scheduled upgrade.

The widget also displays the service status of the following: FTP, TFTP, HTTP (File Distribution), DNS, DHCP, NTP, bloxTools, Captive Portal, Cloud Sync (Cloud DNS Sync in 9.0.x versions prior to 9.0.4), DNS Accelerator, and Reporting in the Services section. The service status can be one of the following:

...

Click Select Member. In the Member Selector dialog box and select a Grid member from the list.
CPU: Select which type of CPU usage you want to track:
- User: The CPU usage of user applications, such as programs and libraries.
- System: The CPU usage of the kernel and drivers.
- Idle: The percentage of CPU that is not in use.
System Memory: Select which portion of the system memory you want to track:
- Real Memory Used: The physical RAM usage.
- Swap Used: The swap area usage. The swap area is the disk area that temporarily holds a process memory image.
NIC Usage: Select how you want to measure network traffic:
- Bytes: Reports the number of bytes.
- Packets: Reports the number of packets.
NIC Settings: Select the port on which you want to measure network traffic. If you have configured VLANs, Grid Manager displays them in the format LAN1 nnnn or LAN2 nnnn, where nnnn represents the associated VLAN ID. For example, a VLAN configured on LAN1 can be displayed as LAN1 297 and a LAN2 VLAN can be LAN2 21. For more information about VLANs, see VLAN Management.
Note that for vNIOS appliances, some of the options in the drop-down list may vary depending on your vNIOS configuration. For example, if you are using a single network interface instance of vNIOS for GCP, you will see choices specific to the LAN1 interface only. For more information, see the vNIOS documentation specific to your product at Appliances.
CPU Utilization and Top N Processes: Set the auto refresh period in this section. NIOS displays the information for all available cores.
- Auto Refresh Period for CPU Utilization and Top N Processes: Enter the time interval in seconds for the CPU Core Utilization graph and the top N process data to auto refresh and display the CPU core utilization information. If you enter 12, the graph displays new information after every 12 seconds. You can enter a minimum refresh interval of 10 seconds and a maximum refresh interval of 30 seconds. By default, the time interval is set to 10 seconds. This field is applicable only to the CPU Utilization and Top N Processes tabs.
Auto Refresh Period: Enter the refresh interval in seconds for the data in the CPU, System Memory, and NIC Usage tabs to auto refresh.

The System Activity Monitor widget displays a tab for each resource: CPU, System Memory, NIC Usage, CPU Utilization, Top N Processes.

...

CPU: The graph on the CPU tab tracks the percentage of CPU usage.
System Memory: The graph on the System Memory tab tracks the memory utilization percentage.
NIC Usage: The graph on the NIC Usage tab tracks either bytes or packets per second.
CPU Utilization: If you select the Live option, the graph tracks live CPU utilization data for the last 10 minutes for all CPUs in your Grid member. The graph is refreshed based on the time interval you specify in the Auto Refresh Period for CPU Utilization and Top N Processes field. Each CPU is denoted in a different color. If you select the Historical option, you can view the CPU utilization data for up to a maximum of past 60 minutes based on the time range you specify in the Earliest and Latest fields. For example, if you enter 2019-09-05 and 09:20:42 AM in the Earliest field and 2019-09-05 and 10:20:42 AM in the Latest field, the graph displays the CPU utilization data for 5th September 2019 between 9:20:42 AM and 10:20:42 AM. You can view data for a maximum of past of 5 days but the time difference between Earliest and Latest time should not exceed 60 minutes.
Top N Processes: If you select the Live option, the table displays the process ID and name of the top N processes that are consuming CPU utilization. N is the number that you specify in the Number of Top Processes field on the Monitoring tab of the Grid Properties editor. It also displays the percentage of CPU utilized by each process. The data is refreshed based on the time interval you specify in the Auto Refresh Period for CPU Utilization and Top N Processes field. If you select the Historical option, you can view past top N process data based on the time range you specify in the Earliest and Latest fields. For example, if you enter 2019-09-05 and 09:20:42 AM in the Earliest field and 2019-09-05 and 10:20:42 AM in the Latest field, the graph displays the top process data on 5th September 2019 between 9:20:42 AM and 10:20:42 AM. You can view data for a maximum of 5 days.

...

Left click the Action icon next to a zone to perform the following: Image Removed
- View Syslog: Select this to open the Syslog Preview dialog and view data discrepancy events for the selected zone.
- Check Now: Select this to perform DNS integrity check to immediately query current DNS data from the top-level parent domain. When you select this, verbose logging for DNS integrity check is automatically enabled. After the operation is complete, the appliance updates the timestamp for the Last Checked column.
Zone: Displays the name of the top-level authoritative zones that is being monitored for DNS integrity check. You can click the zone name and the appliance opens the zone viewer for the selected zone.
Status: Displays the current DNS data discrepancy status. The status can be one of the following:
- Critical (red): Data in the NS RRsets for the authoritative and delegate zones are completely out of synchronization.
- Severe (orange): Some data in the NS RRset between the authoritative and delegate zones overlaps and some data is different.
- Warning (yellow): The NS RRset for the authoritative zone is a subset of the NS RRset for the delegate zone. It is possible that incorrect IP addresses have been entered at the registrar.
- Informational (blue): The NS RRset for the delegate zone is a subset of the NS RRset for the authoritative zone. This could indicate a possible delay in domain registration.
- Normal (green): There are no DNS data discrepancies between the NS RRsets for the authoritative and delegated zones.
- None (black): No DNS discrepancies data has been collected or DNS integrity check has not been performed.
Last Checked: The timestamp in YYYY-MM-DD HH:MM:SS when the parent domain was last queried for its DNS data.
Description: Information about the zone.

...

You can also click Go to Syslog Viewer on the upper right corner of the dialog to view all events in the syslog. For more information about the syslog, see Viewing the Syslog.

Cloud Statistics

The Cloud Statistics widget appears only when you have deployed the Cloud Network Automations license on the Grid Master. This widget displays statistical information for cloud objects. It contains the following tabs: Tenant & VMs, Fixed vs. Floating and Available vs. Allocated. You must install valid cloud related licenses to access this widget. For more information about installing licenses and enabling Cloud Network Automation, see Deploying Cloud Network Automation.
To modify the Cloud Statistics widget, click the Configure icon and select one of the following:

...

The Security Status for Grid widget displays the overall status of Threat Protection, RPZ (Response Policy Zone), and DNS Threat Analytics Insight services on the Grid members that support Infoblox Advanced DNS Protection, hardware or Software ADP, and Infoblox Threat Insight. Grid Manager displays this widget only when at least one member in the Grid has the Threat Protection, RPZ, or Threat Analytics Insight license installed. You can add this widget to the Security dashboard to monitor the overall security status of the Grid. The statistics displayed in this widget are cumulative, collected from all the Grid members that support Infoblox Advanced DNS Protection, hardware or Software ADP, and Infoblox Threat Insight. This widget displays data for the last 30 minutes. The overall status of Threat Protection, RPZ, and DNS Threat Analytics Insight is determined by the threshold values configured in the Global Dashboard Properties editor. For information, see Configuring Security Status Thresholds below.

Note

If the Threat Protection license is not installed on any of the Grid members, Grid Manager does not display any threat protection related information in this widget. Similarly, if the RPZ license is not installed on any of the Grid members, Grid Manager does not display RPZ and DNS Threat Analytics Insight related information in this widget and if the Threat Analytics Insight license is not installed on any of the Grid members, Grid Manager does not display DNS Threat Analytics Insight related information in this widget.

The widget displays the following information for Threat Protection, RPZ, and DNS Threat AnalyticsInsight:

Status: It displays the overall status of the security service in the Grid based on the events collected from all the members that support Infoblox Advanced DNS Protection and Infoblox Threat Insight. It represents the status of the most critical member in the Grid.
The status icon can be one of the following for the Threat Protection, RPZ, and DNS Threat Analytics Insight service:
- OK (Green): The license for the security service is installed and the security service is running. The rulesets for the security service are available and the number of events triggered are less than the yellow and red threshold values configured in the Global Dashboard Properties editor for the corresponding security service.
- Warning (Yellow): The license for the security service is installed and the security service is running. The rulesets for the security service are available and the number of events triggered for any of the parameters equals or exceeds the yellow threshold value, but less than the red threshold value configured in the Global Dashboard Properties editor for the corresponding security service.
- Critical (Red): The license for the security service is installed and the security service is running. The rulesets might not be available or the number of events triggered for any of the parameters, equals or exceeds the red threshold value configured in the Global Dashboard Properties editor for the corresponding security service.
- Not Setup (Black): The license for the security service is installed, but the security service is not running.
- Unknown (Black): The data is not available from the Grid member.

You can hover your mouse over the Threat Protection, RPZ, and Threat Analytics Insight status icon and view the Threat Protection Status for Grid widget, Response Policy Zone (RPZ) Status for Grid widget, and Threat Analytics Insight Status for Grid widget respectively. For information about Threat Protection Status for Grid widget, Response Policy Zone (RPZ) Status for Grid widget, and Threat Analytics Insight Status for Grid widget, see below see Threat Protection Status for Grid, Response Policy Zone (RPZ) Status for Grid, and Threat Analytics Insight Status for Grid respectively.

...

Click Configure Security Status Thresholds to configure the thresholds for the security status of the Grid. In the Global Dashboard Properties editor, you can define the threshold values for Threat Protection, RPZ, and DNS Threat AnalyticsInsight. For information, see Configuring Security Status Thresholds below.
Select the Auto Refresh Period checkbox to turn on auto-refresh and specify the auto-refresh period in seconds. The default auto-refresh period is 30 seconds.

...

Member: The name of the member. You can hover your mouse over the member name and view the Member Status widget. For information about the Member Status widget, see Member Status (System Status) below.
IPv4 Address: The IPv4 address of the member.
IPv6 Address: The IPv6 address of the member.
Threat Protection Status: The status of the threat protection service running on the member. This can be either OK, Warning, Critical, NotSetup, or Unknown. You can hover your mouse over the threat protection status and view the Threat Protection Status for Member widget. For information about the Threat Protection Status for Member widget, see Threat Protection Status for Member below.
RPZ Status: The status of the RPZ service running on the member. This can be either OK, Warning, Critical, NotSetup, or Unknown. You can hover your mouse over the RPZ status and view the ResponsePolicyZone(RPZ)Statistics widget. For information about the Response Policy Zone (RPZ) Statistics widget, see Response Response Policy Zone (RPZ) Status for Member belowStatistics widget.
Analytics Status: The status of the DNS Threat Analytics Insight service running on the member. This can be either OK, Warning, Critical, NotSetup, or Unknown.

...

Turn on auto-refresh. Click the Configure icon and select the AutoRefreshPeriod checkbox to turn on auto-refresh. Specify the auto-refresh period in seconds. The default auto refresh period is 30 seconds.
Click the Action icon (shown as a gear in each row of the table) next to the overall status of each member, and select ViewSyslog to view all the events logged in the syslog. Grid Manager displays the syslog messages in the Syslog Preview window.
Click the Export icon to export the data displayed in this widget.
Click the Print icon to print the data displayed in this widget.
Click Response Policy Zones link in the GoTo field at the top of the widget to view the RPZs configured on the member. Grid Manager displays the Response Policy Zones tab in the DNS tab. To navigate back to the Security dashboard, click Back to Security Dashboard at the top left corner of the navigation bar in the Response Policy Zones tab.
Click Threat Protection link in the Go To field at the top of the widget to view the threat protection rulesets configured on the member. Grid Manager displays the Threat Protection Rules tab in the Security tab. To navigate back to the Security dashboard, click Back to Security Dashboard at the top left corner of the navigation bar in the Threat Protection Rules tab.
Click Threat AnalyticsInsight link in the Go To field at the top of the widget to view the whitelist domains configured on the member. Grid Manager displays the Threat AnalyticsInsight tab. To navigate back to the Security dashboard, click Back to Security Dashboard at the top right corner of the panel in the Threat AnalyticsInsight tab.
Click Members link in the Go To field at the top of the widget to view the members configured in the Grid. Grid Manager displays the Members tab in the Grid Manager tab. To navigate back to the Security dashboard, click Back to Security Dashboard at the top left corner of the navigation bar in the Members tab.

Anchor
Threat_Protection_Status
Threat_Protection_Status
Threat Protection Status for Grid

The Threat Protection Status for Grid widget displays the statistical information about the threat protection events triggered on all the members in the Grid that support Infoblox Advanced DNS Protection, hardware or Software ADP, and Infoblox Threat Insight. This widget contains the following tabs: Total Events by Severity, Top 10 Grid Members, Events Over Time, Top 10 Rules, and Top 10 Clients.
You can do the following in this widget:

...

Select a graph configuration, Client Hits, Passthru Hits, Blocked Hits, or Substituted Hits, to view details of a specific RPZ rule. You can select either one or all the available graph configurations. Note that Client Hits is displayed only when the graph type is Line Diagram.
Select a graph type, Stacked Diagram or Line Diagram, to display data in the required diagrammatic format. This option is enabled only when you click the Trend tab and disabled when you click the Top 10 Grid Members, RPZ Recent Hits, or Health tabs. For more information, see Trend below.
Click the Top 10 Grid Members tab to view information about the top 10 Grid members that have the most number of RPZ hits. For more information, see Top 10 Grid Members below.
Click the RPZ Recent Hits tab to view information about the latest five RPZ hits with unique client addresses. For more information, see RPZ Recent Hits below.
Click the Trend tab to view RPZ hit statistics for the Grid. For more information,
see Trend below.
Click the Health tab to view information about RPZ zones and their last updated times. For more information, see Health below.

Note that you must install the RPZ license and enable RPZ logging to access this widget. For more information about installing licenses and enabling RPZ logging, see License Requirements and Admin Permissions and Using a Syslog Server.

...

The Health tab displays information of RPZ zones and their last updated date and time. This data is retrieved directly from the database. Note that you cannot sort or filter values in this tab. You can export the data displayed in this tab by clicking the Export icon. For more information, see Exporting Displayed Data.

Response Policy Zone (RPZ) Status for Member

...

Click Select Member. In the Member Selector dialog box, choose a Grid member to view the RPZ hits, or statistics, or RPZ zones and their last updated date and time.
Select a graph configuration, ClientHits, Passthru Hits, Blocked Hits, or Substituted Hits, to view details of a specific RPZ rule. You can select either one or all the available graph configurations. Note that Client Hits is displayed only when the graph type is Line Diagram.
Select a graph type, Stacked Diagram or Line Diagram, to display data in the required diagrammatic format. This option is enabled only when you click the Trend tab and disabled when you click the Top 10 Grid Members, RPZ Recent Hits, or Health tabs. For more information, see Trend below.
Click View Syslog to view the last 20 RPZ events that are logged in the syslog. For more information, see Previewing the Syslog below.
Click the RPZ Recent Hits tab to view information about the latest five RPZ hits with unique client addresses. For more information, see RPZ Recent Hits below.
Click the Trend tab to view RPZ hit statistics on the selected member. For more information, see Trend below.
Click the Health tab to view information about RPZ zones and their last updated times. For more information, see Health below.

Note that you must install the RPZ license and enable RPZ logging to access this widget. For more information about installing licenses and enabling RPZ logging, see License Requirements and Admin Permissions and Setting DNS Logging Categories.

...

Client Hits: Total number of queries that triggered an RPZ policy. Note that this option is not displayed when you choose Stacked Diagram, but displayed only when you choose Line Diagram.
Passthru Hits: Total number of queries that triggered a Passthru RPZ rule. For more information about passthru rules, see Managing Passthru Rules.
Blocked Hits: Total number of queries that triggered a Block (No Data) or Block (No Such Domain) RPZ rule. For more information, see Managing Block (No Data) Rules or Managing Block (No Such Domain) Rules respectively.
Substituted Hits: Total number of queries that triggered a Substitute (Domain Name) or Substitute (Record) RPZ rule. For more information, see Managing Substitute (Domain Name) Rules and Managing Substitute (Record) Rules.
Timestamp: The graph displays a 24 hours time window.
Note the following about this tab:
The statistical data in DNS service will be reset when you stop and restart the DNS service or if you force an active DNS service to restart regardless of its state. This results in loss of prior data.
Using this graph, you can view the timestamp of statistics collection.

...

The Available vs. Allocated tab displays IP address allocation for available versus allocated IP addresses. It displays the total number of available IP addresses versus allocated IP addresses, depending on your configuration. It also displays a pie chart indicating the percentage for each allocation.

Threat

...

Insight Status for Grid

The Threat Analytics Insight Status for Grid widget displays the statistical information about the DNS tunneling events. This widget contains the following tabs: Detections Over Time, Top 10 Grid Members, and Detections.
You can do the following in this widget:

Turn on auto-refresh.
Click the Configure icon, select the AutoRefreshPeriod checkbox, and specify the refresh period in seconds. The default auto refresh period is 30 seconds. Click the Configure icon again to hide the configuration panel after you complete the modification.

Warning

If the Detailed Status panel is open, the following actions take place:

Grid Manager auto refreshes at a rate of 30 seconds.
Widgets that support user-specified auto refresh, refresh at the rate specified in the Auto Refresh Period field.

Therefore, even if you set the session timeout to be to greater than the auto refresh rate, auto refresh still takes place. The Grid Manager session does not time out because auto refresh takes precedence over the session timeout. For more information about widgets, see Status Dashboard.

Click the Detections Over Time tab to view information about the detected DNS tunneling events in a given time frame.
Click the Top 10 Grid Members tab to view information about the top 10 Grid members with the most total counts of detections by type.
Click the Detections tab to view information about all the detected DNS tunneling events.

Anchor
Detections_Over_Time
Detections_Over_Time
Detections Over Time

The Detections Over Time tab displays a line graph that tracks the number of detected DNS tunneling events over the given time frame. You can hover your mouse over the graph to view the coordinates of any point in the graph.

Anchor
Top_10
Top_10
Top 10 Grid Members

The Top 10 Grid Members tab displays a stacked bar chart that tracks the top Grid members with the most total counts of detected DNS tunneling events by type. The report displays the top 10 Grid members in descending order.

Anchor
Detections
Detections
Detections

The Detections tab displays information about all the detected DNS tunneling events. This tab displays the following information about each detection in table format:

Client IP Address: The IP address of the client.
Domain: The domain name of the client.
Timestamp: The timestamp when the event occurred.
Module: Displays the threat analytics Threat Insight module.

Threat

...

Insight Status for Member

The Threat Analytics Insight Status for Member widget displays statistics about the DNS tunneling events for a specific Grid member.
To configure the Threat Analytics Insight Status for Member widget, click the Configure icon and complete the following:

...

Click the Detections Over Time tab to view information about the DNS tunneling event count for the selected Grid member in a given time frame. It displays a line graph that tracks the number of DNS tunneling event detections in a given time frame. You can hover your mouse over the graph to view the coordinates of any point in the graph.
Click the Detections tab to view information about all the detected DNS tunneling events. This tab displays the following information in table format:
- Client IP Address: The IP address of the client.
- Domain: The domain name of the client.
- Timestamp: The timestamp when the event occurred.
- Module: Displays the threat analytics Threat Insight module. This tab displays only the last 15 detections.

...

Versions Compared

Old Version 12

New Version Current

Key

Anchor
Adding_Widgets_to_Dashboards
Adding_Widgets_to_Dashboards
Adding Widgets to Dashboards

Cloud Statistics

Note

Anchor
Threat_Protection_Status
Threat_Protection_Status
Threat Protection Status for Grid

Response Policy Zone (RPZ) Status for Member

Threat

Insight Status for Grid

Warning

Anchor
Detections_Over_Time
Detections_Over_Time
Detections Over Time

Anchor
Top_10
Top_10
Top 10 Grid Members

Anchor
Detections
Detections
Detections

Threat

Insight Status for Member

Page Comparison

Versions Compared

Old Version 12

New Version Current

Key

AnchorAdding_Widgets_to_DashboardsAdding_Widgets_to_DashboardsAdding Widgets to Dashboards

Cloud Statistics

Note

AnchorThreat_Protection_StatusThreat_Protection_StatusThreat Protection Status for Grid

Response Policy Zone (RPZ) Status for Member

Threat

Insight Status for Grid

Warning

AnchorDetections_Over_TimeDetections_Over_TimeDetections Over Time

AnchorTop_10Top_10Top 10 Grid Members

AnchorDetectionsDetectionsDetections

Threat

Insight Status for Member

Anchor
Adding_Widgets_to_Dashboards
Adding_Widgets_to_Dashboards
Adding Widgets to Dashboards

Anchor
Threat_Protection_Status
Threat_Protection_Status
Threat Protection Status for Grid

Anchor
Detections_Over_Time
Detections_Over_Time
Detections Over Time

Anchor
Top_10
Top_10
Top 10 Grid Members

Anchor
Detections
Detections
Detections