Custom Dashboards (Beta)
Build custom dashboards to visualize and track important data in Panther
Last updated
Was this helpful?
Build custom dashboards to visualize and track important data in Panther
Last updated
Was this helpful?
Custom dashboards in Panther allow you to group data visualizations that provide insights tailored to your organization's needs. You can customize each dashboard to display key metrics, such as data ingest volume, alert volume, and any other trends you'd like to monitor at a glance.
A custom dashboard is made up of one or more visualizations, or "widgets." Each visualization is generated from a query using the .
Learn how to , , and more, below.
You can create a custom dashboard in the Panther Console from either the Dashboard or Search page.
In the left-hand navigation bar of your Panther Console, click Investigate > Search.
Select the name of the custom dashboard you'd like to add the visualization to.
To view a custom dashboard in your Panther Console:
In the left-hand navigation bar of your Panther Console, click Dashboard.
This is the landing page when logging into the Panther Console.
In the upper-left corner, click Overview.
To see the related PantherFlow query:
In the upper right-hand corner of the visualization widget for which you'd like to view the PantherFlow query, click the three dots icon.
Click Go to PantherFlow query.
You can only update custom dashboards you created.
You can edit a visualization widget from a custom dashboard you created.
To edit a visualization widget in a custom dashboard:
In the top-right corner of the visualization widget you'd like to edit, click the three dots icon.
Click Edit visualization settings.
Make desired updates in the Edit visualization settings pop-up modal.
If you'd like to update attributes of the visualization (such as the chart title or orientation), follow either the Using form or Using PantherFlow instructions below.
To update a visualization widget using the form:
On the left-hand side of the Edit visualization settings pop-up modal, update the visualization form field values as desired.
In the Data section:
Chart Type: Select Bar chart or Line chart.
Y-axis: Select the field you'd like to be represented on the vertical axis. (Select Auto-detect to allow Panther to infer the value based on your query.)
X-axis: Select the field you'd like to be represented on the horizontal axis. (Select Auto-detect to allow Panther to infer the value based on your query.)
Series: Select the field you'd like to use to group the data. (Select Auto-detect to allow Panther to infer the value based on your query.)
In the Appearance section:
(If Chart Type is Bar chart) Orientation: Select an icon to indicate the direction of the bars.
Orientation can only be altered if Y-axis and X-axis are both set to Auto-detect.
Show legend: Toggle On or Off depending on whether the visualization should have a legend.
(If Show legend is On) Legend Position: Select a value for the legend's placement.
In the Labels section:
Visualization Title: Enter a title for the visualization.
Click Save Changes to update the visualization widget or Cancel to discard your edits.
Update the Dashboard Name value and/or select a new emoji.
You can adjust both the size and position of each visualization widget in a custom dashboard. Changes made to widget size and position will be saved automatically after changes have stopped for a short period of time. You can only customize the layout of dashboards you created.
To change the size of a widget:
Hover over the lower right-hand corner of a widget.
Click and drag the corner to resize the widget to the desired size.
To change the position of a widget:
Hover over the widget's title.
Click and drag the widget to its new location within the dashboard.
To delete a custom dashboard:
In the Delete Dashboard? pop-up modal, click Confirm.
The dashboard will be deleted and a confirmation notification will be displayed in the lower left-hand corner of the Console window.
You can only delete a visualization widget from a custom dashboard you created.
To delete a visualization widget from a custom dashboard:
In the top-right corner of the visualization widget you'd like to remove, click the three dots icon.
Click Remove visualization.
Custom dashboards currently have the following limitations:
Your Panther instance can store up to 1,000 custom dashboards.
To build a custom dashboard, first you will , then you will .
Hover over the name of the currently displayed dashboard, then click +.
Click the name of the currently displayed dashboard, then click + New Dashboard.
Now that your new dashboard exists, you can and .
Run a search that uses the .
.
In the top-right corner of the resulting visualization, click the three dots icon, then + Add to dashboard....
A new custom dashboard is created, and this visualization is added to it. In the notification displayed in the lower-left corner of the screen, click Go to dashboard to view the new dashboard.
You can optionally .
After you have , you can add a visualization widget to it. You can only add visualizations to dashboards you created.
Run a search that uses the .
.
In the top-right corner of the resulting visualization, click the three dots icon, then + Add to dashboard....
The visualization is added to the custom dashboard. In the notification displayed in the lower-left corner of the screen, click Go to dashboard to view the dashboard.
A dashboard is made up of one or more visualizations, each powered by a query.
Under Custom Dashboards, select the dashboard you'd like to view.
It may be helpful to see the query underlying a visualization widget.
You will be redirected to and the associated PantherFlow query will load and execute.
Editing a visualization's underlying PantherFlow query in Search will not update the visualization on your dashboard. To edit a visualization in your dashboard, see below.
Once you have , you can . Once you have to the dashboard, you can as well as .
containing the visualization widget you'd like to edit.
If you'd like to update the PantherFlow query underlying the visualization outside of the (e.g., you'd like to add a clause), follow the Using PantherFlow instructions below.
Updates to form field values are reflected in the PantherFlow query above (visible by clicking the down arrow icon: ).
The form fields reflect the PantherFlow , and include:
On the left-hand side of the Edit visualization settings pop-up modal, click the down arrow icon to expand the PantherFlow query and enter edit mode.
Updates made to the will be reflected in the modal form (visible by clicking the up arrow icon: ).
you'd like to update.
Hover over the title of the dashboard, then click the pencil (Edit Title) icon.
Click the check mark icon to save your changes, or the X icon to discard your changes.
Once a dashboard is deleted, it will not appear in any dashboard lists. You can only delete dashboards you created. If you only need to delete a visualization from a dashboard (and not the entire dashboard as a whole), see , below.
you'd like to delete.
Once the selected dashboard is loaded, hover over its title, then click the trash can icon.
To revert the deletion, in the confirmation notification, click Undo.
containing the visualization widget you'd like to remove.
