The Dashboard module in Perch acts as a saved, living repository of all Visualizations you want to work with in one designated location. Dashboards have both a Query Bar and Time Bar for adjusting the log records search simultaneously through all the Visualizations embedded in the Dashboard.

Dashboards can also be saved in PDF format, put on a timed schedule for ongoing reporting and outbound delivery, and are saved for interaction and queries at any time within the Perch portal under Perchybana > Dashboards.

Perch has several pre-built Dashboards, typically focused on one specific product, network segment, policy/standard, or other realms of IT/IS.

Examples include:

• AWS Activity
• Flow Analysis
• G Suite Dashboard
• Microsoft 365 Weekly Report
• PCI DSS v3.2.1
• HIPAA
• Threat Hunting PowerShell
• Windows Admin Activity v2
• Many more!

You can install any Dashboards from the Marketplace, which will also install all Visualizations that are built into a Dashboard. Check out all the publicly available Dashboards in the Perch portal at Marketplace > Explore > Popular > and use the Add-on Type filter to select Dashboards.

1. Head to Perchybana > Dashboards.
2. Click Create Dashboard in the upper right corner.
3. You’ll now be on the main Dashboard Editing page. From here, you have a few initial options:
   1. Save – We recommend immediately saving the dashboard so you can give it a title and continue to update it as a saved object going forward.
      1. Click Save above the Query Bar.
      2. Add a Title and Description.
      3. Click Save in the window.
   2. Add – If you have one or more existing Visualizations you want to add to the Dashboard, click Add an existing below the Query Bar. Select any Visualizations or Saved Searches you wish to add. You can continue to click on objects, and they will add to the Dashboard (keep an eye on the red Perchybana loading bar).
   3. Create new – You can also create an original Visualization right from this initial Dashboard page. To do so, click the purple Create new button within the small box below the query bar.
4. After the first stage of starting a new Dashboard, a Dashboard can be in Edit or Saved mode.
   1. Edit Mode – The Objects (Visualizations/Saved Searches) of the Dashboard can be switched out, inspected, removed, and resized. New Objects can also be added.
      1. Options – You can turn on/off these two options:
         1. Use margins between panels.
         2. Show panel titles.
   2. Saved Mode – The Dashboard is saved and is currently being viewed and in use. In this mode, the Dashboard can be queried in any additional way and so can its Time Range. We highly recommend only using Share in Saved Mode, not in Edit Mode.
5. Go to Edit Mode, and we’ll go over the functions you’ll use to create and manipulate how your Dashboard will look.
   1. Resizing Panels – You can drag + drop to resize the panel your Visualizations live on.
      1. Hover over the bottom right corner.
      2. Click on, hold, then drag the panel to the size you want.
   2. Add – You can add additional Visualizations to the Dashboard as panels. You can add existing Visualizations or Saved Searches, or create new Visualizations with the Create New function.
   3. Cancel – Cancel any made changes to the Dashboard after the most recent Save. Hitting Cancel will open a verification window to make sure you want to discard changes or continue editing.
   4. Options – You can turn on/off these two options:
      1. Use margins between panels.
      2. Show panel titles.
   5. Share – We do not recommend using the Share function while in Edit Mode.
   6. Edit Visualization - This function allows you to open the Visualization you chose to edit, correct, or change, then save the update to reflect back in the Dashboard. We recommend opening Edit Visualization in a New Tab so you don’t leave your Dashboard page.
   7. Replace Panel - This function allows you to switch out the exact panel-sized Visualization in the Dashboard out for another Visualization.
   8. Customize Panel - Choose whether or not to show the title of the Visualization, as well as edit the title to better align with the Dashboard or style
   9. Inspect - This function shows you the aggregated data for the Visualization’s Perchybana Query. You can also download a CSV file of this aggregation right from this panel.
   10. Full Screen - Temporarily shows the Visualization as the full view of the Dashboard. Click the Settings Gear > Minimize to return back to the normal Dashboard view.
   11. Customize Time Range - Allows you to add panel/Visualization-specific time conventions to a Visualization. This will not be affected by the overall Time Bar query that alters the rest of the Dashboard.
   12. Delete from Dashboard - Deletes the Visualization panel from the Dashboard. This does not delete the Visualization.
6. Go to Saved Mode. These are the functions you will use to view, query, and report your Dashboard:
   1. Query Bar - Enter any Perchybana search queries here. They will take effect across all the Visualizations in a Dashboard simultaneously.
   2. Time Bar - Change your Time Index with the Time Bar, and update the entire Dashboard to reflect this change in the data view. You can customize the time range of specific panels/Visualizations in Edit Mode.
   3. Share - Use Share to generate PDF and PNG versions of the Dashboard, which then are listed and downloadable at Perchybana > Reports.
   4. Clone - Use Clone to create a complete copy of the Dashboard you are viewing, allowing you to own the object and update as you like.
   5. Full Screen - Enter a Full-Screen mode view of the Dashboard.

1. No Results Found:
   1. Seeing this on any Visualization indicates the Visualization is unable to produce results or visualize itself around its logic. This can happen for one of two reasons: either the log records your Visualization is built around have no data for that Time Range, or there is an error in the logic or functions of the Visualization. You can verify why the Visualization is malfunctioning by going to Edit Visualization to check for any errors, or by extending your Time Bar query to include more results
2. Owning Dashboards:
   1. Owning – meaning you created – a Dashboard is the only way to update any Visualizations saved in that particular Dashboard. This also applies to any layout changes. If you do not own the Dashboard, any changes you make to the Visualizations on that Dashboard will always be overwritten. In order to update a version of an existing Dashboard, you are able to Install and Clone that Dashboard.
3. Installing from Marketplace:
   1. When you Install a Dashboard from the Marketplace, all the Visualizations that live in that Dashboard object will also Install to your profile. In order to update a Dashboard you just installed, you need to Clone the Dashboard. This can be done while a Dashboard is in Edit Mode (open a Dashboard > Edit at the top). See Marketplace for more details.
4. Sharing Dashboards:
   1. To share a Dashboard with another user in your Organization, go to Marketplace > Manage. From here, open the Details page of your Organization’s Private Collection. Then, share the Dashboard, and it will Install for all members of your Organization. See Marketplace for more details.

Dashboards can be powerful, decisive views into the logs and network traffic your Organization sees on a daily, weekly, and monthly basis within Perch. It can also turn into effective, measurable reporting metrics that can be presented to executive levels, as well as some not-so-technical user friends we work with. With some Perchybana magic, time, love, and care, your Dashboards in Perch can become the critical look into your environments you need.