- 02 May 2022
- 3 Minutes to read
- Updated on 02 May 2022
- 3 Minutes to read
The Devices page displays all the collected devices for the chosen query. The query name is displayed above the search bar.
If no query has been chosen, the page displays all collected devices.
To open the Devices page, click icon on the left navigation panel.
Viewing Query Results
The total number of devices collected for that query (or for all collected devices when no query is present) is displayed on the top left side of the table:
A number of columns are displayed for each device. The first column is the Adapter Connections column. The Adapter Connections column displays the icons of the adapter connections that this device was seen from, and is considered by Axonius as the correlation of data from different adapters to the same device.
For example, a device that was fetched and correlated from the following adapter connections:
- Microsoft Active Directory (AD)
- Amazon Web Services (AWS)
- VMware Carbon Black EDR (Carbon Black CB Response)
- CrowdStrike Falcon
- Cybereason Deep Detect & Respond
- Trend Micro Deep Security
- Kaseya VSA
- SolarWinds Network Performance Monitor
Expanding Device Data
Click left adapters column to expand the device record and to display device 'uncorrelated' data, i.e., the device data per adapter. This functionality provides you with a single view and an easy way to identify the source for each of the different device field values. Click again to collapse the device data.
Hover over the Adapter Connections column to see the adapter name for all adapter connections in a tooltip. If you defined an Adapter Connection Label on the adapter connection configuration it will be concatenated to the adapter name value. This can helps distinguish between two adapter connections from the same adapter.
Expanding Aggregated Field Data
There are 2 types of devices columns:
- Aggregated data fields - a common field which contains data fetched from different adapters. For example, Host name, MAC address, OS type and many more.
- Specific data fields - a unique field which contains data fetched from a single adapter source. For example, "Region" field from Amazon Web Services (AWS).
Click in any generic data field to view a tooltip with the field's 'uncorrelated' data, i.e. device specific field data for that asset entity / adapter connection. Click to collapse the tooltip.
For example, if you expand the 'Last Seen' field, you can see when the device was seen by each of its source adapters.
You can set the columns displayed on the page. refer to Setting Page Columns Display.
Viewing Complex Fields in the Device Profile Aggregated tab
Complex fields are fields which can display a number of parameters. For instance, the Installed Software field can contain the Software Version field, the Software Name field, Software Vendor field and more.
In Complex fields, the system displays the first few parameters in the field, and then displays the number of additional parameters.
Mouse over the number of additional parameters to display a context menu showing the first 10 parameters in this field. You can scroll through the data.
Click View all results to open the data in the Device Profile Aggregated tab, open at that complex field.
Navigating between Table Result Pages
By default, 20 results are displayed in each table page. You can change the number of results per page and choose between 20, 50 or 100, by clicking the appropriate icon on the bottom left side of the table:
Use the pagination bar at the bottom right side of the table to move between pages:
Displaying Historical Data
Axonius saves daily “snapshots” of all the collected data, which you can view for any query in the Devices page.
To view device query results for a specific date, click the calendar button or click 'Display by Date' on the top right corner above the query results table.
A date picker control opens, enabling you to select the desired data. By default, the latest day for which data was collected is displayed.
Notice that only dates with collected data are enabled as options for choice.
To clear the historical view and set back to latest, hover over the displayed date and click on the 'X' next to the displayed date.
Cancel Query is displayed when you run a query. Click Cancel Query to revert to the results of the last successful executed query.
Last Updated Indication and Refresh Query
When query caching is enabled, and query results are retrieved from cache the Last updated indication is displayed. This indication specifies the last time the query was executed and from when the displayed query results are updated.
Use Refresh Query to run the query again to recalculate the query results.