Group Metrics

Summary: Group Metric widgets display key performance metrics for multiple asset groups.

Adding a Group Metric Widget to a User Dashboard

When you first add a Group Metric widget to a User (custom) dashboard, the widget will display a single metric for up to 10 groups. By default, Group Metrics widgets show the top 10 groups according to a specific pattern. For example, the widget may show the groups with the lowest or highest RS³ scores.

After you save your dashboard, you can click the settings menu in the upper right to configure the widget.

The configuration menu lets you change the title, the metric, and the groups to display. If you choose to load groups based on a pattern, then the group selection may change over time.

If you want to see the same groups every time that the widget loads, you can choose Select my own groups.

Once you have finished making changes, click Save.

Limitations

The dashboard filters Network, Group, and Tag have no impact on Group Metric widgets. If you apply one or more dashboard filters to a custom dashboard, the widgets will continue to show the same data for each group.
Some widgets show how metrics change over time. Others show the current state of a group. You may see different metrics available in each widget.
Some metrics will not be clickable. In a table, the metric will be blue to indicate a link.
You can only save the widget configuration if you have added at least one metric and one group. You must also provide a title.

Widgets

This section discusses available Group Metric widgets that provide access to all metrics. The SLA Overview dashboard also has several group metrics widgets that provide access to SLA KPIs and other features. For more information, visit the Knowledge Base article on the SLA Overview dashboard.

Group Performance over Time

This widget allows you to compare how a single metric has changed over time. You can see the same metric for up to 10 groups. Additionally, you can modify the number of weeks or months to display through the configuration menu by changing the number of data points. Note that the amount of historical information available varies for each metric.

Weekly time series begin on the first Sunday before the Start Date. Each week begins on Sunday and ends on Saturday. Monthly time series begin on the first day of the same month as the Start Date.

Metric Comparison across Groups

This widget shows a single metric for up to 10 groups. The widget captures the current state of each selected group.

Current Group Performance

This widget shows multiple metrics for multiple groups. Each metric available captures the current state of a Group. Use the search bar to limit the metrics visible within the table.

Select metrics and groups through the widget’s configuration menu.

List of Group Metrics

This section provides the list of metrics available in Group Metric widgets.

Metrics based on Current Data

Metric	Description
Open Host Findings	The number of host findings with the “Open” status.
Open App Findings	The number of application findings with the “Open” status.
Open Critical VRR Host Findings	The number of open host findings with a Critical VRR.
Open Critical VRR App Findings	The number of open application findings with a Critical VRR.
Open High VRR Host Findings	The number of open host findings with a High VRR.
Open High VRR App Findings	The number of open application findings with a High VRR.
Open Weaponized Host Findings	The number of open host findings associated with one or more threats.
Open Weaponized App Findings	The number of open application findings associated with one or more threats.
Closed Host Findings	The number of host findings with the “Closed” status.
Closed App Findings	The number of application findings with the “Closed” status.
Total Host Findings	The total number of host findings.
Total App Findings	The total number of application findings.
Weaponized Hosts	The number of hosts with open weaponized findings.
Weaponized Apps	The number of applications with open weaponized findings.
Total Assets	The sum of the count of hosts and the count of applications.
Hosts with Open Findings	The number of hosts with at least one open finding.
Apps with Open Findings	The number of applications with at least one open finding.
Fixes	The number of patches available for open findings.
Group RS³	The Ivanti RS³ for the group, as displayed on the Groups page.
Open Ransomware Host Findings	The number of open host findings associated with ransomware
Open Ransomware App Findings	The number of open application findings associated with ransomware
Open Trending Host Findings	The number of open host findings associated with currently trending vulnerabilities or threats
Open Trending App Findings	The number of open app findings associated with currently trending vulnerabilities or threats.
Open RCE/PE Host Findings	The number of open host findings associated with Remote Code Execution or Privilege Escalation exploits.
Open RCE/PE App Findings	The number of open app findings associated with Remote Code Execution or Privilege Escalation exploits.

Time Series

Metric	Description
Open Host Findings	The number of host findings with the “Open” status
Open App Findings	The number of application findings with the “Open” status
Open Critical VRR Host Findings	The number of open host findings with a Critical VRR
Open Critical VRR App Findings	The number of open application findings with a Critical VRR.
Open Weaponized Host Findings	The number of open host findings associated with one or more threats.
Open Weaponized App Findings	The number of open application findings associated with one or more threats.
Closed Host Findings	The number of host findings with the “Closed” status
Closed App Findings	The number of application findings with the “Closed” status
Weaponized Hosts	The number of hosts with open weaponized findings
Weaponized Apps	The number of applications with open weaponized findings.
Hosts with Open Findings	The number of hosts with at least one open finding
Apps with Open Findings	The number of applications with at least one open finding
Host Findings Resolved - All	The number of host findings closed within a specific time frame
App Findings Resolved - All	The number of application findings closed within a specific time frame.
Critical VRR Host Findings Resolved - All	The number of Critical host findings closed within a specific time frame.
Critical VRR App Findings Resolved - All	The number of Critical application findings closed within a specific time frame.
Weaponized Host Findings Resolved - All	The number of weaponized host findings closed within a specific time frame.
Weaponized App Findings Resolved - All	The number of weaponized application findings closed within a specific time frame.
No. of Overdue Findings	The number of open findings that should have been closed in each time frame, based on the SLAs governing those findings.
No. of Overdue Critical Findings (Severity)	The number of open Critical findings that should have been closed in each time frame, based on the SLAs governing those findings.
No. of Overdue Critical Findings (VRR)	The number of open Critical findings that should have been closed in each time frame, based on the SLAs governing those findings.
No. of Overdue Weaponized Findings	The number of open findings associated with threats that should have been closed in each time frame, based on the SLAs governing those findings.
No. of Closed Findings that Met SLA	The number of findings that were closed within a specific time frame and Met SLA (closed before they were due).
No. of Closed Findings Missed SLA	The number of findings that were closed within a specific time frame and Missed SLA (closed after they were due).
Group RS³	The Ivanti RS3 for the group, as displayed on the Groups page
Host RS³	The Ivanti RS³ for hosts in the group
Application RS³	The Ivanti RS³ for hosts in the group
Group Risk Accepted RS³	The Ivanti RS³ for the group, calculated as if no findings within the group are in an approved Risk Acceptance workflow