Social Network Activity Dashboard

by David Schwalenberg
March 18, 2014

This dashboard presents information about social networking activity on the network.

The dashboard and its components are available in the SecurityCenter 4.7 Dashboard app feed, an app store of dashboards, reports, and assets.

The dashboard requirements are:

  • SecurityCenter 4.7
  • PVS 4.0.1
  • LCE 4.2.2

Note that this dashboard relies on PVS detections being forwarded to the LCE. Make sure that the PVS is configured to send syslog messages to the LCE: in Configuration > PVS Settings > Syslog, include the LCE host (with port 514) in the Realtime Syslog Server List. The LCE listens for syslog messages by default.

Listed below are the included components:

  • Social Network Activity Over Last 72 Hours - Popular General Sites - This matrix presents network activity in the last 72 hours related to several popular general social networking sites. The site URL in the Activity column is highlighted green if any activity was detected. The two DNS Queries columns display the count of DNS queries for the site, and what percentage of the total DNS queries that is. (Note that a DNS query does not necessarily mean that someone visited the site; it could be the result of site-related icons or thumbnails being displayed on other webpages.) The Possible Long-Term column displays an exclamation icon if continuous social network activity was detected on any network host and this site was involved.
  • Social Network Activity Over Last 72 Hours - Popular Discussion Sites - This matrix presents network activity in the last 72 hours related to several popular social networking blogging and discussion sites. The site URL in the Activity column is highlighted green if any activity was detected. The two DNS Queries columns display the count of DNS queries for the site, and what percentage of the total DNS queries that is. (Note that a DNS query does not necessarily mean that someone visited the site; it could be the result of site-related icons or thumbnails being displayed on other webpages.) The Possible Long-Term column displays an exclamation icon if continuous social network activity was detected on any network host and this site was involved.
  • Social Network Activity Over Last 72 Hours - Popular Contacts Sites - This matrix presents network activity in the last 72 hours related to several popular social networking contacts sites. The site URL in the Activity column is highlighted green if any activity was detected. The two DNS Queries columns display the count of DNS queries for the site, and what percentage of the total DNS queries that is. (Note that a DNS query does not necessarily mean that someone visited the site; it could be the result of site-related icons or thumbnails being displayed on other webpages.) The Possible Long-Term column displays an exclamation icon if continuous social network activity was detected on any network host and this site was involved.
  • Social Network Activity Over Last 72 Hours - Hosts with Long-Term Activity - This table presents information about hosts that, in the last 72 hours, have generated continuous social network events (such as visiting YouTube or Facebook) for 40 minutes.
  • Social Network Activity Over Last 72 Hours - Events - This table presents all social networking events detected in the last 72 hours.
  • Social Network Activity - 25 Day Usage Trend - This area chart trends usage of several popular social networking sites over 25 days.

The following related component is also available in the SecurityCenter 4.7 Dashboard app feed, but is not included in this dashboard:

  • Social Network Activity Over Last 72 Hours - Top Popular Sites - This matrix presents network activity in the last 72 hours related to several popular social networking sites. The site URL in the Activity column is highlighted green if any activity was detected. The two DNS Queries columns display the count of DNS queries for the site, and what percentage of the total DNS queries that is. (Note that a DNS query does not necessarily mean that someone visited the site; it could be the result of site-related icons or thumbnails being displayed on other webpages.) The Possible Long-Term column displays an exclamation icon if continuous social network activity was detected on any network host and this site was involved.