# Initial Home

## Preview <a href="#preview" id="preview"></a>

![](/files/CsyQMiIEQYxfHtSNJ6cC)

## Overview <a href="#overview" id="overview"></a>

**Purpose**: The Initial Home dashboard provides a high-level overview of network activity, flow analysis, DNS queries, and detection alerts. It helps network administrators monitor essential traffic patterns, identify top communicators in the network, and respond to security alerts based on priority.

**Components**: The dashboard includes the following visualizations:

* **Netflow/sFlow**
* **Cloud Flow**
* **DNS Records**
* **Top Flow Accounts**
* **Top DNS Accounts**
* **Top Talkers**
* **Top Conversations (Egress and Lateral)**
* **Top Service Ports**
* **Top AS Info by Destination**
* **Top Geolocations by Destination**
* **Top Protocols**
* **DNS Query Cardinality**
* **DNS: Top External Domains**
* **DNS: Top Cloud Services Requested**
* **Events**
* **Detection Asset Locations**
* **Detections**

## Getting Here <a href="#getting-here" id="getting-here"></a>

1. From the main menu, go to **Dashboards > All**.
2. Select the **System** tab from the top navigation.
3. Click on **Initial Home**.

## Main Points <a href="#main-points" id="main-points"></a>

**Usage Scenarios**: This dashboard is valuable for gaining insights into overall network health, identifying top sources and destinations of traffic, monitoring DNS requests, and responding to prioritized security alerts.

**Best Practices**: Regularly monitor the top talkers, conversations, and DNS activity to identify unusual patterns. Use the detection alerts and event counts to prioritize responses to potential security threats.

## Charts <a href="#charts" id="charts"></a>

### Netflow/sFlow <a href="#netflowsflow" id="netflowsflow"></a>

**Description**: A line chart showing flow rate from Netflow or sFlow data sources over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Flow rate in packets per second (pps).

**Usage**: Helps track overall network traffic captured by Netflow/sFlow sources, aiding in performance monitoring.

### Cloud Flow <a href="#cloud-flow" id="cloud-flow"></a>

**Description**: A line chart representing flow rate for cloud network traffic over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Flow rate in packets per second (pps).

**Usage**: Useful for monitoring traffic within cloud environments, which may indicate load or performance trends.

### DNS Records <a href="#dns-records" id="dns-records"></a>

**Description**: A line chart showing DNS query rates over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: DNS query rate.

**Usage**: Tracks DNS query activity, helping to identify spikes or unusual query patterns.

### Top Flow Accounts <a href="#top-flow-accounts" id="top-flow-accounts"></a>

**Description**: A bar chart showing the top flow accounts by traffic volume.

**Key Elements**:

* **Bars**: Each bar represents an account, with length indicating flow volume.

**Usage**: Helps identify which accounts are generating the most flow traffic in the network.

### Top DNS Accounts <a href="#top-dns-accounts" id="top-dns-accounts"></a>

**Description**: A bar chart displaying the top DNS accounts based on query activity.

**Key Elements**:

* **Bars**: Represent DNS accounts, with length indicating query volume.

**Usage**: Useful for monitoring DNS activity by account, identifying high-query accounts for further analysis.

### Top Talkers <a href="#top-talkers" id="top-talkers"></a>

#### Top Conversations - Egress <a href="#top-conversations---egress" id="top-conversations---egress"></a>

**Description**: A bar chart showing the top egress conversations by traffic volume.

**Key Elements**:

* **Bars**: Each bar represents a conversation, with length indicating traffic volume.

**Usage**: Identify top sources of outgoing traffic to monitor network usage.

#### Top Conversations - Lateral <a href="#top-conversations---lateral" id="top-conversations---lateral"></a>

**Description**: A bar chart representing lateral conversations within the network.

**Key Elements**:

* **Bars**: Each bar indicates a conversation, showing lateral traffic volumes.

**Usage**: Helps identify top internal conversations, useful for monitoring east-west traffic.

### Top Service Ports <a href="#top-service-ports" id="top-service-ports"></a>

**Description**: A pie chart displaying traffic volume by service port.

**Key Elements**:

* **Segments**: Each segment represents a service port, with size indicating traffic volume.

**Usage**: Useful for identifying high-traffic ports, aiding in security monitoring.

### Top AS Info by Destination <a href="#top-as-info-by-destination" id="top-as-info-by-destination"></a>

**Description**: A pie chart representing top destination Autonomous Systems (AS).

**Key Elements**:

* **Segments**: Each segment represents a destination AS.

**Usage**: Monitors traffic distribution across different AS destinations.

### Top Geolocations by Destination <a href="#top-geolocations-by-destination" id="top-geolocations-by-destination"></a>

**Description**: A pie chart showing traffic by destination geolocation.

**Key Elements**:

* **Segments**: Each segment represents a country, showing the geographic distribution of traffic.

**Usage**: Provides insights into the geographic sources or destinations of traffic.

### Top Protocols <a href="#top-protocols" id="top-protocols"></a>

**Description**: A pie chart representing traffic volume by protocol type.

**Key Elements**:

* **Segments**: Each segment represents a protocol (e.g., TCP, UDP).

**Usage**: Helps in identifying commonly used protocols within network traffic.

### DNS Query Cardinality <a href="#dns-query-cardinality" id="dns-query-cardinality"></a>

**Description**: A line chart showing the unique DNS query cardinality over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Unique DNS queries.

**Usage**: Useful for identifying DNS query diversity, which may indicate anomalous behavior.

### DNS: Top External Domains <a href="#dns-top-external-domains" id="dns-top-external-domains"></a>

**Description**: A bar chart showing the most queried external domains.

**Key Elements**:

* **Bars**: Each bar represents an external domain.

**Usage**: Identifies top external DNS queries, helpful for monitoring traffic to external domains.

### DNS: Top Cloud Services Requested <a href="#dns-top-cloud-services-requested" id="dns-top-cloud-services-requested"></a>

**Description**: A pie chart displaying the top cloud services queried.

**Key Elements**:

* **Segments**: Each segment represents a cloud service.

**Usage**: Provides insights into cloud service usage within DNS traffic.

## Events <a href="#events" id="events"></a>

**High, Medium, Low Priority Issues**

**Description**: Displays the count of detection issues categorized by priority.

**Key Elements**:

* **Counts**: Shows the number of high, medium, and low priority issues.

**Usage**: Monitor this section to prioritize responses to detection issues.

### Detection Asset Locations <a href="#detection-asset-locations" id="detection-asset-locations"></a>

**Description**: A map showing the locations of detection assets.

**Key Elements**:

* **Map Points**: Each point represents a location with an associated issue.

**Usage**: Helps in visualizing geographic distribution of detection assets and issues.

### Detections <a href="#detections" id="detections"></a>

**Description**: A table providing details of recent detections, including timestamp, severity, traffic type, and alert type.

**Key Elements**:

* **Columns**: Detailed information about each detection event.

**Usage**: Use this table for reviewing recent detection events, prioritizing response actions based on severity and traffic.

## Interpreting the Data <a href="#interpreting-the-data" id="interpreting-the-data"></a>

**Traffic Insights**: The **Top Talkers**, **Top Conversations**, and **Top Protocols** charts help identify the main sources and types of traffic within the network.

**DNS Monitoring**: The **DNS Records** and **DNS Query Cardinality** charts allow administrators to monitor DNS activity and detect any unusual patterns or high-frequency queries.

**Security Alerts**: The **Events** and **Detections** sections provide prioritized alerts and details on recent security events, aiding in rapid response to potential threats.

## Additional Features <a href="#additional-features" id="additional-features"></a>

**Metric Selection**: Allows users to choose metrics such as bitrate to customize the view and focus on specific aspects of network activity.

**Time Range**: Users can adjust the time range to focus on specific periods for detailed analysis.

**Interactive Elements**: The SYNC HOVER feature provides synchronized insights across charts, allowing users to explore connections between different metrics in the dashboard.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fusion.vectra.ai/dashboards/system/initial-home.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.