30.2 Configuring Event Visualizations

Sentinel provides event visualizations that present data in charts, tables, and maps. These visualizations make it easier to analyze large volumes of data such as events, IP Flow events, and alerts. You can also create your own visualizations and dashboards.

Sentinel leverages Kibana, a browser-based analytics and search dashboard that helps you search and visualize events. Kibana accesses data from the visualization data store (Elasticsearch) to present events in dashboards. By default, Sentinel includes an Elasticsearch node. You must enable event visualization to store and index events in Elasticsearch. For more information, see Configuring the Visualization Data Store.

NOTE: Some of the Sentinel dashboards that leverage Kibana do not load after you upgrade to Sentinel 8.2. This issue occurs because the Elasticsearch and Kibana versions have been upgraded in Sentinel 8.2, and the existing Kibana index file is not compatible with the upgraded versions of Elasticsearch and Kibana. To fix this issue, you must manually delete the existing Kibana index file and create a new Kibana index file. For more information, see the Knowledge Base Article 7022736.