Docs

Response Integration Blocks Dashboard

Suggest Edits

The Response Integration Blocks dashboard is a system dashboard available in the All section of the Dashboards page.

If you use a block-type response integration to restrict traffic based on events in Fusion, this dashboard will help track metrics around blocks and see what blocks are active in the system.

Dashboard Widgets

The following widgets are displayed on the Response Integration Blocks screen:

  1. Current Blockrate (bps): Displays the current block rate in bits per second.
  2. Total Blocks: Shows the total number of blocks recorded.
  3. Blockrate: Presents the block rate calculated at 30-minute intervals.
  4. Top Destination Protocols: Lists the top destination protocols based on traffic volume.
  5. Top Destination Ports: Shows the most frequently used destination ports.

Traffic Data Table

The Response Integration Blocks screen also features a table with the following columns:

  • ALL: A checkbox to select all, checked, or unchecked values for filtering.
  • Start: The start time of the traffic event.
  • Expiration: A dropdown to filter traffic events based on expiration status: all, not expired, or expired.
  • Active: A dropdown to filter traffic events based on their active status: all, active, or inactive.
  • srcip: The source IP address of the traffic.
  • srcipname: A dropdown to filter traffic events by source IP name.
  • srciprep.categories: A dropdown to filter traffic events by source IP reputation categories.
  • srcgeo: The geographic location of the source IP.
  • dstas.number: The destination Autonomous System (AS) number.
  • dstas.org: The organization associated with the destination AS.
  • dstip: The destination IP address of the traffic.
  • dstipname: A dropdown to filter traffic events by destination IP name.
  • rules: The rules applied to the traffic event.
  • adapter: The network adapter used for the traffic event.
  • plugin.name: The name of the plugin associated with the traffic event.
  • dstgeo: The geographic location of the destination IP.

Use the Response Integration Blocks screen to monitor and analyze traffic patterns related to the system's active and potential block lists. You can apply filters to the data table to focus on specific events or narrow down your analysis.

Table Layout options

The top left hamburger button under the Active Blocks heading allows you to export your Response Integration Blocks layout results in your current view or all fields. You can also configure the layout options by toggling the switches for each column.

Updated 4 months ago