- Dashboards
- Navigation Overview
- View and Interact with Dashboards
- View and Interact with Visualizations
- User Management
- Configure and Manage Dashboards
- Create a Dashboard
- Add a Visualization to a Dashboard
- Add a Text Tile
- Modify a Dashboard Layout
- Add Dashboard Filters
- Manage Automatic Refresh Rates
- Create a Scheduled Report
- Make a Dashboard Public
- Export and Import Dashboards
- Edit Dashboard Filters
- Edit Dashboard Details
- Duplicate a Dashboard
- Delete a Dashboard
- Configure and Manage Visualizations
- Create a Visualization
- Auto-Create a Visualization from a Natural Language Prompt
- Create a Visualization from a Search Query
- Add Visualizations from the Library to a Dashboard
- Modify a Visualization
- Configure Visualization Query Filters
- Include Context Filtering in Visualizations
- Make a Visualization Public
- Export and Import Visualizations
- Duplicate a Visualization
- Remove a Visualization from a Dashboard
- Delete Visualizations from the Library
- Configure and Manage Scheduled Reports
- Pre-Built Dashboards
- Advanced Analytics Dashboards
- AI/LLM Dashboards
- Case Manager Dashboards
- Compliance Dashboards
- Correlation Rules Dashboards
- Event Store Dashboards
- Access Grant and Revoke Activity
- Account Logout Summary
- Account Management Activity
- Application Security Event Summary
- Authenticated User Accounts on Hosts
- AWS CloudTrail Summary
- Data Loss Prevention Activity – Host-Based
- Data Loss Prevention Activity – User-Based
- Data Loss Prevention Activity Summary
- Default Account Access
- Default Credential Usage and Change Activity
- Denied Web Access Activity
- Disabled User Account Summary
- Discovered Attacks by Source and Destination
- Endpoint Detection and Response
- Failed Application Logon Activity
- Failed Audit Logs Summary
- Failed Host Login Attempt Counts by Users
- Failed VPN Login Attempts and Remote Session Timeouts
- Firewall Activity
- Firewall and Router Device Interfaces
- IOC Statistics
- Insecure Authentication Attempts
- Log Delay Insights
- Microsoft 365 Summary
- Microsoft Windows Overview
- Network Applications by Traffic Volume
- Policy Activity Summary
- Ports Usage Trend
- Privileged Access
- Privileged Access – User-Based
- Protocols by Network Traffic
- Remote Session Overview
- Security Alert Summary – Impacted Hosts
- Security Alert Summary – Origin Hosts
- Security Alert Summary – Users
- Successful Application Logon Activity
- Successful Database Login Activity
- Successful Physical Access
- Top Attackers
- User Account Creation Summary
- User Account Lockout Activity
- Vendor Authentication Activity
- Windows Audit Failure Summary by Hosts
- Windows Audit Failure Summary by Users
- Windows User Privilege Elevation
- Zscaler HTTP Dashboard
- Security Operations Center Management Dashboards
- Threat Center Dashboards
- Pre-Built Visualizations
- Anomalies - Use Case & MITRE Coverage
- Anomalies by Rule Name
- Anomalies by Use Case
- Anomalies Count Over Time
- Anomaly Distribution by MITRE Tactic & Score
- Application Count
- Closed Incidents
- Correlation Rules by Severity
- Correlation Rules Triggered Over Time
- Detected Anomalies
- Host-Based DLP Alerts Count
- Incidents Created
- Incident Summary by Incident Type
- Number of Hosts with DLP Alerts
- SOC Incident Distribution
- Top 5 Host-Based DLP Alert Categories
- Top 5 Protocols in Host-Based DLP Alerts
- Top 10 Host-Based DLP Alert Types
- Top 10 Hosts with DLP Alerts
- Top Activities per Top 10 Applications
- Top Users per Top 10 Applications
- Trend of Application Security Events
Disabled User Account Summary
This dashboard provides an overview of disabled accounts in your organization.
Note
This dashboard can assist you in complying with the following regulatory requirements: HIPAA 164.308(a)(3), "HIPAA 164.312(a)(1)",HIPAA 164.308(3)(ii)(c), HIPAA 164.308(4)(ii)(c),"NIST 800-66 R1 4.3.5", "NIST 800-66 R1 4.14.5", "NIST 800-66 R1 4.14.9", "SOX/Risk Assessment/Managing Change", "NIST 800-53 AC-2.f(1)(4)", "NIST 800-53 PS-4", "NIST 800-53 PS-5" TSC SOC2 CC6.3, ISO 27001 A.7.3.1, CJIS 5.12.2, SOX/Control Activities/Authorization and Role Management.
Time Range Filter
The Event : Approx Log Time filter sets the time range for the event data. The default setting is in the last 7 days. You can update this filter with a wide range of customizable settings.
To update the time range filter, click the arrow () on the right, under the Edit button, to expand the filters panel. In the Event : Approx Log Time filter, select an operator from the first drop down menu and then enter or select values in the subsequent fields, depending on the operator you selected. To save your filter changes, click Apply on the right side of the filter panel. The updated filter is applied to the visualization.

Deleted User Accounts Count
This single value bar chart displays the number of deleted accounts in your organization during the selected time range.

Account Disable Activity Trends
This line graph shows the count trends for disabled account events within the selected time range. To view the values represented in the chart, move your pointer over the graph line and hover on the data points. To view the underlying events of a value, click the data point, and then click Show Results in Search.
![]() |
Top 10 Users Disabling Accounts
This bar chart represents the top 10 users in your organization with the most account disabling activity. To view the values represented in the bars, hover your pointer over them. To view the underlying events of a value, click the bar, and then click Show Results in Search.
![]() |
Disabled Accounts per User
This bar chart breaks down the different accounts disabled by users during the selected time range. To view the values represented in the bar segments, hover your pointer over them. To view the underlying events of a value, click the bar segment, and then click Show Results in Search.
![]() |
Disabled User Accounts
This table provides details on recent account disabling events, including the Approx Log Time, Subject, Activity, Activity Type, Dest User, User Event Code, and Account Name. Click the heading of the column that you want to sort the data by. Click the arrow icon to change between ascending and descending
orders. To view all the table rows, you may need to use the scroll bar on the right.
![]() |