The Heatmap

Heatmaps are a useful way to visualize data based on frequency. If you’ve seen GitHub commit heatmaps, this is basically the same idea but with blue circles instead of green squares.

You can manipulate the heatmap using the filters at the top to select only data of interest and the bollards at the bottom to change the time period of the search. Once you apply the filter, the heatmap will provide you a graphical representation of frequency of activities. The larger the circle, the more activity. In the example below you can see Bruce was doing a LOT of calendar work on Nov 5th and worked with a bunch of files on the 6th.

You can click on a dot to bring out a drawer with the raw information associated with that activity. From there, you can sort and further filter your view as you find the information you want.

Wait, What Are All These Applications?

You may notice in the heatmap screnshot that we breakdown activities based on the type of application that generated the event. Rather than force you to know the details of all the logs from a given SaaS provider, we categorize them into generic applications so you can easily understand at a high level the nature of the events you’re looking at. Further, these buckets are really generic so if you want to search for all file access from a given IP address regardless if the users were using Box, Dropbox, Google Drive, or Microsoft OneDrive, you can just filter on FileStorage and see it all in once place. Cool, eh?

If you’re interested in learning more about how we think about logs and these categories, see link