Custom Reports
Create tailored security reports with custom metrics, filters, and visualizations for your specific needs.
Tailored Insights
Build reports that match your audience—executive summaries for leadership, detailed analytics for SOC teams.
Custom Report Types
| Report Type | Description | Best For |
|---|---|---|
| Trend Analysis | Security metrics over time | Executive summaries, monthly reviews |
| Incident Summary | Incident breakdown and outcomes | Post-incident reviews, audit trails |
| Compliance Status | Control effectiveness, gap analysis | Auditors, compliance officers |
| Performance Metrics | MTTD, MTTR, SLA compliance | SOC managers, team leads |
Creating a Custom Report
- 1️⃣ Navigate
- 2️⃣ Choose Template
- 3️⃣ Select Data
- 4️⃣ Apply Filters
- 5️⃣ Visualizations
- 6️⃣ Output
Step 1: Navigate to Report Builder
Access the custom report builder from the Reports section.
Navigation: Reports → Custom Reports → Create New Report
Step 2: Choose Report Template
Start with a pre-built template or create from scratch.
| Template | Description |
|---|---|
| Blank Report | Start from scratch |
| Executive Summary | High-level metrics for leadership |
| SOC Performance | Team KPIs and response metrics |
| Incident Review | Post-incident documentation |
Step 3: Select Data Sources
Choose which security data to include.
| Data Source | Content |
|---|---|
| Security Events | Threats and detections |
| Threat Intelligence | IOCs and threat data |
| User Activity | Access and changes |
| Agent Health | Performance metrics |
| Compliance Status | Control effectiveness |
Step 4: Apply Filters and Date Range
Refine the data scope for your report.
| Filter | Options |
|---|---|
| Date Range | Last 7/30/90 days, custom |
| Severity | Critical, High, Medium, Low |
| Agent Filter | All or specific agents |
Step 5: Add Visualizations
Include charts and graphs to visualize trends.
| Chart Type | Best For |
|---|---|
| Line Chart | Trends over time |
| Bar Chart | Comparative analysis |
| Pie Chart | Distribution breakdowns |
| Heat Map | Activity patterns |
Step 6: Configure Output Settings
Set report name, format, and delivery options.
| Setting | Options |
|---|---|
| Report Name | Descriptive title |
| Output Format | PDF, Excel, HTML |
| Delivery | Download or schedule |
Pre-Built Templates
- 📊 Executive Summary
- 👥 SOC Performance
- 🔍 Threat Intelligence
- 🚨 Incident Post-Mortem
Executive Security Summary
High-level overview for leadership.
Includes:
| Section | Content |
|---|---|
| Critical Events | High-priority threats |
| Trends | Security posture over time |
| Security Score | Overall posture rating |
| Recommendations | Key action items |
SOC Performance Dashboard
Team performance metrics.
Includes:
| Metric | Description |
|---|---|
| MTTD | Mean time to detect |
| MTTR | Mean time to respond |
| SLA Compliance | Response time adherence |
| Incident Breakdown | By severity and type |
Threat Intelligence Report
Threat landscape analysis.
Includes:
| Section | Content |
|---|---|
| IOCs Detected | Indicators of compromise |
| Threat Actor TTPs | Tactics, techniques, procedures |
| MITRE ATT&CK | Framework mapping |
| Recommendations | Defensive actions |
Incident Post-Mortem
Detailed incident review.
Includes:
| Section | Content |
|---|---|
| Timeline | Chronological events |
| Root Cause | Analysis and findings |
| Impact | Systems and data affected |
| Lessons Learned | Improvements identified |
Scheduling Automated Reports
- 📅 Schedule Frequency
- 📤 Delivery Method
- ⏰ Execution Time
Schedule Frequency
Choose how often reports should be generated.
| Frequency | Use Case |
|---|---|
| Daily | Operations monitoring |
| Weekly | Team reviews |
| Monthly | Management reporting |
| Quarterly | Compliance reviews |
Delivery Method
Configure how and where reports are delivered.
| Method | Description |
|---|---|
| Send to specified addresses | |
| Dashboard | Store for on-demand access |
| Cloud Storage | AWS S3, Azure Blob |
Execution Time
Configure when reports should run.
| Setting | Options |
|---|---|
| Day of Week | For weekly reports |
| Time of Day | Default: 6:00 AM |
| Timezone | Local or UTC |
Best Practices
| Practice | Description |
|---|---|
| Start with Templates | Use pre-built templates, then customize |
| Focus on Actionable Insights | Include context, trends, recommendations |
| Use Visualizations Effectively | Right chart for the data type |
| Tailor to Audience | Executives need summaries, analysts need details |
| Schedule Regular Delivery | Automate for consistent communication |
| Version and Archive | Maintain historical reports for trends |
📝 Custom Report Checklist
- Identify report audience and purpose
- Choose appropriate template or start blank
- Select relevant data sources
- Configure appropriate filters
- Add meaningful visualizations
- Set descriptive report name
- Choose output format
- Schedule delivery if recurring
- Test report generation
- Archive for future reference
What's Next?
| Guide | Description |
|---|---|
| Exporting Data | Export security data in multiple formats |
| Compliance Frameworks | Generate compliance reports |
| Dashboard Overview | Understand dashboard metrics |