/
Pulse Dashboards
Document toolboxDocument toolbox

Pulse Dashboards

Owned by Shirly Tsang
Jun 03, 2024
2 min read

The extension installs several Pulse Dashboards, which contain much greater functionality than regular dashboards. These dashboards leverage the Pulse QRadar app, so you will need to install it and perform a few extra steps to make use of these.

To install the Pulse dashboards:

  1. Install the Pulse extension into your QRadar environment. Follow instructions here. The most current version of the Pulse extension archive on the exchange at this time of writing can be downloaded here

  2. Synchronize the dashboard templates contained within the newly installed content extension with the Pulse app. Follow instructions here.

  3. Install and create a new dashboard within Pulse from the newly synchronized templates. Follow instructions here.

After installing the dashboards, find them by navigating to Pulse and selecting one of the dashboards prefixed with “Infoblox CDC”.

Each dashboard has different parameters you can edit.

  • Logsource: Defines the Log Source used by the dashes. Defaults to Infoblox-CDC.
    Note: If you changed the name of the Log Source, you must change it here to match. 

  • Timerange: Defines the time range for the data. Defaults to LAST 1 HOURS. This must be a valid AQL time criterion. See official documentation here.

  • Domain: Defines the domain to drilldown. Will autofill when a valid domain is clicked.

  • IP: Defines the IP address to drilldown. Will autofill when a valid IP address is clicked.

Some items drilldown to other dashboards or open a TIDE indicator externally in the CSP for further analysis. The title of each item lets you know if you can drilldown or not and what the drilldown does. Simply click on parts of the charts to do so.

Pulse dashboards are fully customizable. Create new items and remove ones you don’t use (Currently 20 items max per dash). Modify the colors, drilldown actions, result limits, or formatting of any item. Set refresh rates or default parameters as your organization needs. 

In deployments processing large volumes of traffic, Pulse dashboards may take multiple minutes to fully populate visualizations while the AQL queries are running. To improve performance, try the following:

  • Use a smaller Timerange.

  • Set smaller Results Limits.

  • Remove items you do not use.

  • Remove items from a dash and add them to a new one. Spreading items across multiple dashboards shortens how many AQL queries need to be run when the dashboard is loaded.

Related content