This is the report page. A report consists of graphs and/or charts displaying the data associated with aggregations. The process for creating aggregations is detailed on the Creating an Aggregation Bucket page. The example shown above is the AWS CloudTrail report.

Above each chart are three buttons. The first button allows you to edit the chart directly from the page. From here, you can change the type of chart, in addition to the duration of time that the chart displays.

To the top right of the page are buttons that allow you to perform various actions. The first button takes you to the “Event Watch Reports” page where you can configure all the reports. The next button will take you to the “Report Schedule” page. On this page you can schedule an email to send you selected reports at a specified time each day.

The third button generates a printer-friendly PDF version of the report.

The “+” button opens a window that allows you to create a new widget using an aggregation that has been configured on the Event Watch page. This is similar to the process for adding aggregations to reports that is detailed in the Creating a Report section below. Click “SAVE” to add the widget; the new chart will appear on the report.

Event Watch Reports

This page displays a table containing all the currently configured reports. In the rightmost column there are two action buttons; the first button redirects you to a page containing the histograms corresponding to the report. The second button allows you to edit to the report. Similarly to the Report page, in the top right corner are buttons allowing you to perform various actions.

The first button opens a window with a dropdown menu. This menu contains a list of Fluency’s prewritten reports, that are stored in a repository on Github. To add one of these prewritten reports, select it from the dropdown menu and click “IMPORT.”

The next button allows you to import a report (or multiple reports) from a formatted JSON file. The third button will export all the reports in a formatted JSON file.

The trash can button allows you to delete reports that are checked using the leftmost column of the table. Lastly, the “+” button will redirect you to the report creation page.

Creating a Report

Above is the report configuration for the AWS CloudTrail report. The first two fields are the name and description for the report. The name displays in the dropdown menu on the Report page, and the description displays as the header for the report.

Below this is the table containing all the aggregations. Aggregations can be added or deleted using the action buttons in the rightmost column of the table.

The next step is to add aggregations. Click the “+” button to add an aggregation.

Each bucket aggregation consists of five fields: title, bucket aggregation, duration, type, and data type. The first step is to give the aggregation a title. This title will be displayed on the report as the header over the chart.

The next step is to choose the aggregation for the chart. The dropdown menu for this field lists all the event bucket aggregations that have been configured on the “Event Watch” page. Detailed steps on how to configure event bucket aggregations for use with this step can be found on the Creating an Aggregation Bucket page.

Next, choose a duration for the chart. The default value is 2 days, but this can be changed as needed.

There are six available types of charts and graphs to choose from, including standard chart types like the histogram, stack chart, and pie chart. There are also a few other charts available.

A Top N chart shows the top 10 most frequent values of the field used for the chart in a stacked chart format. A map can be used to plot geolocation data. This can be used for fields that contain cities to show locations where events have occurred. A counter simply displays the value for the chart as a number.

Lastly, select a data type. The default data type is count, the most common option, which displays a count of the number of events. Click “SAVE” to add the report.

