You can import custom queries and dashboards into ePO, such as the ones attached to this article. Or, you can create your own using ENSSP threat events as your template.
To import updated custom queries and dashboards, perform the steps below:
- Download and extract ENS-SP_Queries_and_Dashboards.zip from the "Attachment" section of this article.
- In ePO, navigate to the Queries & Reports page.
- Click Import Queries.
- Click Browse, select Qry--ENSSP--Statistics--ICAP.xml, and save the query.
- Click OK on the Import Queries screen.
- Click Import Queries.
- Click Browse, select Qry--ENSSP--Statistics--NetApp.xml, and save the query.
- Click OK on the Import Queries screen.
- Navigate to the Dashboards page in ePO.
- Click Dashboard Actions and choose Import.
- Click Browse and select Endpoint_Security_Storage_Protection_ICAP__Current_Detections-Dashboard--Fixed.xml.
- To import the dashboard, click OK and then OK.
- Click Dashboard Actions and choose Import.
- Click Browse and select Endpoint_Security_Storage_Protection_NetApp__Current_Detections-Dashboard--Fixed.xml.
- To import the dashboard, click OK and then OK.
