Chart: The graph displays the events, the anomalies, and the baseline.

Compared to: Displays the types of baselines for comparison with the flowing data. Baseline is the referenced line that is displayed in blue color, whereas the actual events that are flowing in to the system is displayed in brown. You can compare the flowing data to the following:

Time range: Displays the time range between which we can see the data. When you create a dashboard, the Time range shows Hour. It then displays Day and Week as you have one day or one week data stored in Security Intelligence database (MongoDB). The Hour option does not appear, if the Security Intelligence database (MongoDB) have 28 days of data.

Show Events: Displays the list of events for the selected time range in the Sentinel Web interface. The total events in the Sentinel Web interface matches with the total events in the dashboard. However, the total events count in the Sentinel Web interface does not match with the total events in the dashboard in the following cases:

Time Slider: The time slider allows you to change the amount of information displayed in the dashboard. It allows you to zoom in or zoom out for a specific time period. As you move the time slider, the graph changes accordingly.

Time Slider Data Summaries: Below the graph, a summary of the time slider data is displayed. The data that is

Anomalies: Displays the anomalies that have occurred during the lifetime of the dashboard. To view the details of the anomaly, you can click on anomaly name. This displays the anomaly detail page.

Categories: The Categories panel on the right of the dashboard displays the categories of the current time range at the current level of the dashboard. It provides the ability to drill down and find more information about the categories of events. This section displays lines identifying changes from the baseline indicators of the categories. You can sort the category list by percent change, reference count or current count.