I'm importing results from a Nessus-scanner, which I then present on a dashboard in order for different departments to use as a "How are we doing in securing the environment".
I have a data table showing vulnerabilites sorted by no. of occurences. With a KPI defined as "A 75% reduction in Top10 Critical/High Risk at the end of ", I would like to create a metric showing the sum of the top10 occurences.
Example:
Vulnerability 1: 75 unique hosts
Vulnerability 2: 50 unique hosts
Vulnerability 3: 49 unique hosts
...
Vulnerability 10: 20 unique hosts
SUM: X unique hosts
Sum : Y unique hosts
I believe the key here would be summing the Unique Count, but only for top10 - any ideas?
Hi @ahoffskov
Welcome to our community and sorry for the long delay in getting a reply.
Have you found a valid solution to your problem?
If not I think you can achieve that with an horizontal bar chart (it will allows you to show the ranking and to compare the values) with a configuration like the following:
as metric you can use an unique count of hosts
as bucket you can use a term aggregation on the vulnerability id/name
If you tweak the bucket size to 10, you will get the top 10 vulnerability by unique host count.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.