Reports

XDR/XPR Reports

XDR/XPR Configurable Activity Report

Configurable Activity Report is the Infinity XDRClosed Extended Detection & Response/XPRClosed Extended Prevention & Response activity report for a specific time period.

It contains information about:

  • Connected products

  • Prevention statistics

  • Incidents

  • Exclusions

  • Intelligence

You can configure the report content, download the report on-demand or schedule it daily, weekly and monthly, and email it to recipients.

Generating an Activity Report

To generate an activity report:

  1. Log in to the Infinity XDR/XPR Administrator Portal.

  2. Go to Settings > Reports.

  3. Click Generate Report.

    The Generate report window appears.

    1. Select the time frame for the report.

    2. Select the content for the report.

    3. To reset the content to the default values, click Reset to default.

    4. Click Generate Report.

      When the report is ready, a pop-window appears.

    5. Click Download.The system downloads the report in the PDF format.

    6. (Optional) To view and download previous reports:

      1. Click Go to view history.

        The Audit logs page appears.

      2. For the report you want to download, click download.

Scheduling an Activity Report

To schedule an activity report:

In the Email report settings section:

  1. To preview the email content, click Preview Email.

  2. Select the frequency to send the report.

    • Daily - The report is sent every day at 00:00 hours.

    • Weekly - The report is sent on every Monday at 00:00 hours.

    • Monthly - The report is sent on 1st of every month at 00:00 hours.

  3. To define the report content, click Define report content.

    The Report content window appears.

  4. Select the content for the report.

    Note - The report content differs depending on the frequency selected to send the report.

  5. To reset the content to the default values, click Reset to default.

  6. Click Save Changes.

  7. Enter the email addresses.

  8. Click Save Changes.

    The system sends the report in PDF format to the recipients.

  9. (Optional) To view and download previous reports:

    1. Click Go to view history.

      The Audit logs page appears.

    2. For the report you want to download, click download.

XDR/XPR Predefined Activity Report

The XDR/XPR predefined activity report provides a summary of key events and updates in Infinity XDR/XPR over the past seven days. You can configure the report to be sent automatically to specific users every week. To configure the email settings, see Weekly XDR/XPR Summary Email Settings.

The system sends the weekly report email every Monday.

Sample weekly report:

The table below describes the contents of the weekly report:

Item

Description

Efficiency

Events Processed

Total number of events processed by Infinity XDR/XPR in the report time frame.

To view events details, click the count link. The Events page appears.

Alerts Processed

Total number of alerts processed by Infinity XDR/XPR in the report time frame.

To view alerts details, click the count link. The Alerts page appears.

Critical/High Incidents Created

Total number of incidents with Critical and High severity levels created by Infinity XDR/XPR in the report time frame.

To view incidents details, click the count link. The Incidents page appears, filtered by Critical and High priority levels.

Incidents prevented

Percentage of incidents prevented by Infinity XDR/XPR in the report time frame.

To view incidents details, click the count link. The Incidents page appears, filtered by Prevented incidents.

Alerts do not require any user action

Percentage of alerts during the report time frame that required no user action.

To view alerts details, click the percentage link. The Alerts page appears, filtered by No Action Required verdict.

Prevention

Unique response actions by XDR

Total number of prevention actions taken by Infinity XDR/XPR in the report time frame (for example, add an indicator to IoC Management). To view actions details, click the count link. The Prevention Status page appears.

Note - This section displays data only if automatic response is enabled. Otherwise, the report displays No data.

To enable automatic response, click the enable link. The Automations page appears.

Blocked alerts

Total number of alerts automatically blocked by Infinity XDR/XPR in the report time frame.

Detection

Alerts detected using XDR's AI models

  • Total number of alerts detected by Infinity XDR/XPR's AI model in the report time frame.

    To view alerts details, click the link. The Alerts page appears, displaying the alerts generated only by Infinity XDR/XPR, excluding the alerts from connected components.

  • The graph shows the statistics of detection in the report time frame.

Unsubscribing from weekly report email

To unsubscribe, click the unsubscribe link in the email.

The system displays a message if you have successfully unsubscribed.

Note - If any error occurs, the system displays Unsubscribe error.

Weekly XDR/XPR Summary Email Settings

Prerequisite

To configure the weekly XDR/XPR summary email settings, you must have Admin role in Global Roles or Specific Service Roles.

To configure the weekly XDR/XPR summary email settings:

  1. Go to Settings > Reports.

  2. To add email recipients for the weekly report, in the Weekly XDR/XPR Summary Email settings section, enter the email address of users or the required distribution list.

    Note - If a user unsubscribes from the weekly updates via the link in the email, the system automatically removes the user's email address from this list.

  3. (Optional) To preview the email template, click Preview Email.

  4. Click Save Changes.