Make sure you have completed the following prerequisites to view the Advisor data:
The Advisor feed must be up-to-date, processed, and loaded into the Sentinel database.
The selected event is from a product supported by Advisor and has the Vulnerability field value set to 1.
To view the Advisor data:
In the Sentinel Main interface, click Filters > Exploit Detected Events or specify vul:1 in the Search field, then click Search.
Sentinel displays all events that are likely to have exploited a known vulnerability.
You can also view the report for these events by selecting the desired events, then clicking Event Operations > View Advisor report.