Skip to main content
Version: 2.9.X

Drilldown Into Events

The Drilldown widget visualizes a hierarchical diagram for an event. This diagram represents the underlying events and patterns that were defined in Cogynt Authoring, effectively displaying the full provenance of the event. Analysts will find this widget most useful for understanding the "why and how" of an event's creation and processing in Cogynt.

To use this widget, drag an event into it.

Events in Drilldown Widgets

Once an event or event notification is dragged into the Drilldown widget, it displays:

  • A circular halo/ring representing the parent node.
  • Circles represent events.
    • Grayed out events have no risk level.
    • Circles containing numbers represent the event's risk level. (A donut around the node visually represents risk level.)
    • Nodes are color-coded according to risk level, from most severe (red) to least (yellow).
  • Square icons represent pattern solutions.
    • A solution represents an instance in Authoring where a pattern was fulfilled or "matched" and produced a subsequent event.
    • The same pattern can be fulfilled multiple times and produces unique solutions each time.
  • Blue squares represent valid pattern solutions (i.e., not a retracted solution).
  • Gray squares represent retracted pattern solutions.

Using Drilldown Widgets

To review an event's hierarchy:

  1. With one or more Object Details Viewer widgets open, right-click any node in the drilldown chart to open a context menu.
  2. Click Send To, and then click a specific details viewer to send that node to the Object Details Viewer for inspection.
  3. Right-click the background to open a context menu containing several options:
    1. Click Clear All to remove the event from the widget.
    2. Click Cleanup Layout to automatically recalculate and layout the nodes in the graph.
  4. Double-click an Event or Solution to see its connection to the root node.
  5. At the upper right of the widget, find these controls:
    1. Click Curve Links to toggle between straight or curved lines.
    2. Click Stretch. A slider appears to change the spacing between nodes.
    3. Click Align. Four arrow buttons appear to determine the direction that the drill-down is plotted.
  6. At the upper left of the widget, find these controls:
    1. Click the arrow buttons within the circle to manually shift the current view up, down, left, or right.
    2. Click the center of the navigation circle to re-center the view.
    3. Click the square icon with a hand or pointer to toggle the mouse cursor between pointer and drag mode.
      1. In drag mode, click and drag the chart to drag icons and the view around.
      2. In pointer mode, click and drag a box around multiple nodes to select them.
    4. Use the vertical slider to zoom in or out of the view. Alternatively, use the scroll wheel to zoom in and out.