Using Vantage
Once you’ve configured your Condition Sources, you are ready to begin utilizing the focal points of Vantage: the Evidence and Context panes.
First, a quick summary of some of Vantage’s capabilities by section:
Evidence
The Evidence pane controls everything about the table of Capsules. You can change the date range to pull more or less events, navigate different Views, toggle QuickTrend on/off, and most importantly interrogate the table of events to find what you are looking for using filtering, sorting, grouping, or add/remove columns.
Views Menu
Views allow you to slice and dice your table per user or use case, and save it for easy navigation later. You can also make one of your Views “Home” so every time you open Vantage, you’ll immediately return to that View. Additionally, you can:
Save/overwrite/rename/delete Views
Pin and make 1 View “Home” for easier navigation
Date Selector
Choose what dates you want to review events for. You can leverage:
Standard: common lookbacks from “now” like Last day, Last 7 days, and Last 30 days
Fixed: anchor start and end dates to two times
Advanced: allows for custom navigation in time, particularly useful for reviewing Forecasted events.
QuickTrend Toggle
Turn on/off the QuickTrend section, which will show you time-series trends of the signals used in calculating the events.
Navigating the Table
The table of events is a featureful experience. We encourage you to explore the various menus and navigations to explore everything Vantage has to offer, but hope this list of common, but not comprehensive features gets your started.
Column Filtering: type in or click the filter icon to make a selection of what rows to show (or not show) in your table.
Column Grouping: click + drag column headers into the top-row that reads “Drag here to set row groups” to begin grouping your table by shared information, like Asset or Condition.
The Column menu is accessible in any column header to sort, change pin state, group by, and most importantly: Choose Columns to show/hide from your table.
Context
Once you have a selected one (or more with shift/ctrl+click), you can do further investigation by using the 3-dot menu in the top-right of the context panel or begin adding context to those items.
Note the “Currently Selected:” message at the top of the Context pane clarifies which item type you have selected.
The 3-dot menu allows navigation into Workbench from Vantage. Users have 2 options by default:
Investigate in new workbench: This action will create a brand new workbench for you with the selected items in the display to sandbox an investigation.
Open source workbench: This action will attempt to navigate you to the Workbench where the selected condition/capsule was created in. We will attempt to navigate you directly to the worksheet where it is displayed, but if it is not currently in a display, we will default to the first worksheet.
This feature may appear to be broken if you have pop-up blockers enabled in your browser.
Vantage offers multiple methods to contextualize the events in your table:
Notes: free-form text that can be assigned to both capsules and conditions. Notes are not represented in the table.
Labels: keyword tags that be picked from a list (or typed) and assigned to both capsules and conditions. Labels are presented in the table within the Labels column to be filtered, sorted, or grouped.
Flag: a Boolean state of either flagged or unflagged. This can be applied to both capsules and conditions and is represented in the Flagged column in the table.
Review: a Boolean state, similar to flagged, but this can only be applied to Capsules. Note, you can apply it when selected on a Condition, but it will simply review all the child capsules. It is also represented in the table as a check mark.
Suppress: a state of suppression means any new capsules detected from the suppressed condition will be specially categorized as suppressed, and filtered by default out of the table. Changing the Suppressed column filter can be performed to show suppressed capsules.
Once you have submitted your context, you’ll see a note tile get created in the History, cataloging your actions alongside your username and timestamp:
Search and Filter
At the top of the Context Pane, you’ll find a search bar and filter icon. These can be used to navigate the context history of your current selection:
