Get Started

Getting Started

Deploy

Onboard and Manage Accounts

Amazon Web Services (AWS)

Google Cloud Platform (GCP)

Microsoft Azure

Oracle Cloud Infrastructure (OCI)

Additional Providers

Collect and Integrate Data

Harvesting & Event-Driven Harvesting

Integrations

Understand Data

Visibility & Reporting

Inventory

Query Filters & Insights

Manage and Act on Data

Bots & Automation

Infrastructure as Code (IaC) Security

Cloud IAM Governance

Vulnerability Management

Workload Security

Manage System Settings

InsightCloudSec System Configuration

Developer Resources

APIs

Support

Insights - Quick Reference

The information on this page has moved

For the most up to date Insights guidance, go to Insights.

How do I create my own Insight?

From Resources, select a target Resource, use the Filters option, at the top right of the resources page, and select any one or more filter(s) you want to apply to the selected resource. Choosing a resource narrows the filters automatically to display only those that apply.
- This "filtered" resource view updates to include a Save Insight button.
- You also have the ability to use an existing Insight as a starting point. You can clone a Custom Insight directly, or use the Record Changes option to create a modified Insight with any Insight as the starting point.

Can I clone/edit/modify an existing Insight?

Only custom Insights (or those not included out-of-the-box) can be cloned. From the Insight Library (Security > Insights) select the checkbox to the left of the Insight name. Select the Actions button and scroll to the Clone option on the actions menu.

Where can I see the Filters that were used to create an Insight?

Filters are listed on the Insight Report details, in the Insight information panel. Scroll to the bottom of that content pane to view the list of filters.

This is the best option if you want to use an out-of-the-box Insight as a starting point to create your own.

Can I reset an Insight (e.g., modify the scope or filters)?

To modify the scope or filters of an existing custom Insight to make permanent changes to that Insight, you can "record the changes".

Open a Custom Insight and then locate the Resource Breakdown column; clicking on the Findings/In Scope count navigates to a filtered page displaying the resources that apply to the Insight.

Once you are on this page, if you want to edit or modify the existing Custom Insight, you must first click on the Record Changes button before you select any new scope or filtering.

Refer to the complete instructions here.

How do I create an Exemption?

Exemptions are Insight-driven. Refer to Exemptions (Insights) for detailed documentation on this capability.

There are two options:

From the Insight Report view of a selected Insight under the Results by Cloud select view all
Select the Findings/In Scope count

Either of these selections will open a filters view of applicable resources. From this view, select the box next to the target resource, and click on the Add Exemption button.

Can I change an Insight's severity?

From the Insight Library, select the box next to the target Insight to enable the Actions menu. Click Actions > Set severity. Select a severity or "Default" to reset the severity to its original value, then click Update Severity.

Check out the full list of actions here.

Insight Findings

For Insight Findings, Insights associated with cloud accounts which are in a paused state are not evaluated during hourly Insight scans. This configuration allows the system to align with Bots which have skipped paused clouds for the past year. It will affect Insight calculations (e.g. Findings) if the paused clouds are in scope of the Insight.

Did this page help you?

Getting Started

Welcome to InsightCloudSec