Analyzing large reports in Veritas Data Insight is a challenge. How do you find patterns in a vast array of "raw" data? How do you distinguish typical user behavior from malicious behavior?
One way to make it easier to analyze large amounts of information, security logs in particular, is visualization. Information presented graphically is much easier for a human to take in than a table with a huge number of similar records.
So, how can Data Insight reports be visualized?
Here is one possibility. The horizontal axis corresponds to timestamps. The vertical axis is labeled with numbers corresponding to the folder's depth in the hierarchy. Not all folders are of interest: only those that contain files with corresponding log entries in the report.
I implemented this in RStudio using the "data.tree" and "plotly" packages. You can see the result in the screenshot and in a short video. The plot is interactive.
Here we can see, for example, single vertical lines, which mean that a user once visited folder(s) he never visited before or after. We can also find gaps corresponding to holidays.
[Screenshot: newplot.png]
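The data preparation behind such a plot, as an added example in Python (not the author's R code, and it does not draw the chart): it turns access records into timestamp/depth points and lists the two patterns read off the plot above, folders a user touched on only one day and multi-day gaps in activity. The record layout, server and folder names, and function names are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (timestamp, user, file path). The column layout
# of a real Data Insight report is an assumption here.
SAMPLE = [
    ("2023-03-01 09:12", "alice", r"\\fs01\finance\reports\q1.xlsx"),
    ("2023-03-02 10:05", "alice", r"\\fs01\finance\reports\q1.xlsx"),
    ("2023-03-02 10:07", "bob",   r"\\fs01\hr\policies\leave.docx"),
    ("2023-03-03 14:30", "bob",   r"\\fs01\hr\policies\leave.docx"),
    ("2023-03-03 16:44", "alice", r"\\fs01\hr\payroll\2023\march\salaries.xlsx"),
    ("2023-03-09 09:01", "alice", r"\\fs01\finance\reports\q1.xlsx"),
    ("2023-03-09 09:30", "bob",   r"\\fs01\hr\policies\leave.docx"),
]

def plot_points(records):
    """One (timestamp, depth, user, folder) tuple per record: x and y of the plot."""
    points = []
    for ts, user, path in records:
        parts = [p for p in path.split("\\") if p]   # server, share, folders, file
        folder = "\\".join(parts[:-1])               # drop the file name
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M")
        points.append((when, len(parts) - 1, user, folder))
    return points

def one_off_visits(points):
    """(user, folder) pairs seen on exactly one calendar day: isolated vertical lines."""
    days = defaultdict(set)
    for when, _, user, folder in points:
        days[(user, folder)].add(when.date())
    return sorted(key for key, seen in days.items() if len(seen) == 1)

def activity_gaps(points, min_days=3):
    """(first idle day, last idle day) for runs of at least min_days without records."""
    active = sorted({when.date() for when, *_ in points})
    day = timedelta(days=1)
    return [(a + day, b - day)
            for a, b in zip(active, active[1:]) if (b - a).days > min_days]

if __name__ == "__main__":
    pts = plot_points(SAMPLE)
    for when, depth, user, folder in pts:
        print(when, depth, user, folder)
    print("one-off visits:", one_off_visits(pts))
    print("gaps:", activity_gaps(pts))
```

A one-off visit is a lead for review rather than a verdict, and a gap only means no records on those days, so both lists still need to be checked against context such as holidays or role changes.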