View network correlations between nodes highlighted in Workbench and related obejcts.
![]() |
ImportantFor accurate analysis, configure your Network Resource Lists in . Configuring Network Resource Lists provides the Network Analytics engine with context
about the topography of your security environment. You can configure multiple Network Resource profiles for more granular detail, especially if you monitor multiple networks or company
branches from your Trend Vision One console.
The network analytics report is available for all apps that use Network Sensors as
a data source, including Virtual Network Sensor, TippingPoint, and Deep Discovery
Inspector.
|
The network analytics report shows network correlations between the trigger object
selected in Observable Graph and other related objects. The network analytics report consists of three main sections:
Summary, Correlation Graph, and Transactions and IoCs.

The Summary includes the following information:
-
Severity
-
Number of detected internal hosts and indicators of compromise (IOCs)
-
Attack patterns
-
High-level overview of the malicious activity of the correlated event
You can show or hide the summary section using the show/hide icons (
or
).


For more details about the information provided in summary and the actions you can
take, see Review the summary.

The Correlation Graph provides a visual representation of correlations made between the selected suspicious
object and other related objects.
Click
next to the Playback Bar to display or hide the advanced search filter.

For more details about the information displayed in the correlation graph and the
actions you can take, see Analysis using the Correlation
Graph.

The Transactions and IOCs section provides details about each transaction represented in the correlation graph
and each detected Indicator of Compromise (IOC).
The report lists transactions from oldest to most recent. Listed transactions might
have occurred in a single day or span several months, depending on the correlations
found by Network Analytics. The report lists IOCs from oldest to most recent.
You can show or hide the transactions and IOCs section using the show/hide icons (
or
).


For more details about the information displayed in the transactions and IOCs section,
see Analysis using Transactions and IOCs.