Login
    Contents x
    Asset Investigation
    • 18 Sep 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Asset Investigation

    • Updated on 18 Sep 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Use Asset Investigation to view changes in the values of fields over a set period of time. The investigation data allows you to monitor the fields so you can identify abnormal behavior in the asset.

    AssetInvestigationNew2

    Events Table

    The Events table shows changes in the values of fields on the assets selected.
    Each row on the table represents a changed event on the asset and the time at which it happened. The changes are displayed for each adapter source, and not on the aggregated value. Events are displayed sorted by time with the newest events on the top. The first time you open this page, the Values Added column is populated with the first value identified by Axonius, which is the value from which added/removed values will be calculated. These values are marked by an i icon.

    The Events table shows the following information:
    Date – The date and the time stamp of the changed event in UTC.
    Field Name – The name of the field, an adapter icon shows on which adapter the field is.

    • Event Type - The type of event.
      • Earliest Value Added - The first value identified by Axonius, which is the value from which added/removed values will be calculated.
      • Value Added - a value added to the field
      • Value Removed - a value removed from the field
      • Value Changed - both a value added event and a value removed event occurred.
        Values Added - Lists all the values added to the field. If more than 2 values were added, mouse over to see all the values, the first 50 are displayed and can be scrolled through.
        Value Removed - Lists all the values removed from the field. If more than 2 values were removed, mouse over to see all the values.

    Asset Investigation Fields

    Asset Investigation is supported fora pre-defined set of fields. You can see the fields available for each asset type in the Field Name filter:

    Filtering Asset Investigation Tab Display

    You can filter on the values to be displayed on the table. The following filters are available:

    • Field Names - The fields for which the timeline will display changes in the selected time range.

    • Adapter Connections - The adapter connections for which you want to display events.

    • Event Type - Filter by event type. You can choose to show values added, values removed, the earliest value added, or Value changed. Value changed shows values when Values Added and Values Removed were part of the same event.

    • Time Range - You can filter for specific assets by date with the date range picker or by a specified last number of days, weeks, months, or years or for a time range prior to the number of days set.

      To filter by date range:

      1. From the Time Range dropdown, select In range.
      2. Select Start date and End date to indicate the date range to display results. 
      3. To filter results only for a specific date, select the same date twice.
      4. If you want to include specific times in the date range, click Select Time in the date range picker.
      5. Click OK to set the Time Range filter.


      DateRange

      To filter by the last number of hours, days, weeks, months, or years:

      1. From the Time Range dropdown, select Last and specify a value in the field next to Last.
      2. By default, the value is the number of days. If you want to filter by hours/weeks/months/years, select the relevant option from the days dropdown.

      TimeRange(1)

      To filter by the number of days ago:

      You can set a Time Range to show only the events prior to the number of hours, days, weeks, months, or years set.

      1. From the Time Range dropdown, select Prior to. 
      2. In the number field enter a value or use the arrows to select the value you want.
      • By default, the value is the number of days. If you want to filter by hours/weeks/months/years, select the relevant option from the days dropdown.

      DurationPrior


    • Use 'Clear all' to clear all of your selections in a specific filter.

    Search
    Use free text to enter a value to search for a value added or removed.

    • Click 'Reset' to clear all filters or the search and reset the display.

    • Click Comparison Report to open the Comparison Report dialog. The comparison report opens with the current device selected.

    • Choose Export CSV to export the table to a CSV file.


    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout