Hunters allows you to summarize, visualize, and review analytics relevant to your usage of the platform. This is available by creating dashboards that display the information you are interested in.
Using a wide selection of pre-made queries, you can create widgets that provide real-time statistics regarding your Hunters environment. These widgets can then be placed in a dashboard to provide a complete view. Additionally, you can run queries on all raw data maintained by Hunters in your data lake.
📘 Learn more
Hunters analytics is built using these building blocks:
Dashboards - Dashboards show a comprehensive overview of data and are comprised of at least one widget. Dashboards are useful for monitoring, measuring, and analyzing relevant data in key areas.
Widgets - Units contained inside a dashboard, extracting information based on the widget settings or query.
How to set up analytics
Step 1: Create a new dashboard
From the Hunters menu, navigate to Data > Dashboards.
To create a new dashboard, click the new dashboard card.
From the New Dashboard dialog box, select the data source from which to pull the data.
⚠️Attention
Not to be confused with data sources elsewhere on the Hunters platform, dashboard data sources are pools of data from which you will later be able to extract information. Each data source contains data regarding a specific aspect of the Hunters platform, such as Alerts, Leads and Investigations in your environment.
After you select a data source for your dashboard, you will be presented with the data fields relevant to that source. These fields are the building blocks of your dashboard.
📘Note
To query all of your raw data on Hunters, select Snowflake from the Data Source dropdown.
Give your dashboard a title based on what you intend the dashboard to display. For instance, SOC Queue Analytics, or T1 Alerts.
Click Create to continue.
Your dashboard will now appear as an empty page. You'll need to add widgets to your dashboard to display visualized data.
Step 2: Create a new widget
From your new dashboard, click Select data to start a new widget.
From the drop-down list, select the data you would like to visualize. For instance, if you intend your widget to explore all of the alerts in your environment, select Alerts > Id.
💡 What is this?
The Data dropdown presents a list of tables (the example “Alerts” is marked as 1 in the above image) and the data items contained within each table (the example “Confidence” is marked as 2 in the above image). If you intend your widget to explore alert severity, select it from the list.
If you are not sure what each data item means, click the Open preview modal icon marked as 3 in the above image. This will give you a preview of what each data item relates to.
To set up your widget use any of the following:
Add or remove data items (see 1 in the image above).
Change the visualization of your widget (see 2 in the image above). By default, your data will be displayed in Pivot mode. You can switch to pie chart, bar chart, column chart, or any other from the list.
Add a title to your selected data (see 3 in the image above).
Switch to Advanced Configuration to edit your widget easily (see 4 in the image above).
💡About Advanced Configuration
The Advanced Configuration mode allows you to easily play around with your widget settings, add and remove data items and adjust the view until you reach the desired result. Here are some of the highlights of this mode:
Dragging and dropping data items to edit the widget
Controlling the widget design
Updating live upon every change to provide an accurate preview
Exporting your widget as a csv file
And more.
Once done, click Create (or Apply in Advanced Configuration mode) to finalize the widget.
Your widget will now be displayed within your dashboard. You can add more widgets to elaborate and extend the analytics provided by your dashboard.
Example
📘Note
While the below example demonstrates dashboard creation for alert data, dashboards also provide access to all raw data collected by Hunters by selecting the Snowflake data model as the Data Source.
In this example, we will create an alert analytics dashboard with a widget showing the number of alerts per alert name, broken down by risk score.
First, we will create a new dashboard and select Alerts Analytics as the data source. We will also name the dashboard, and then click Create.
Once the dashboard opens, we will create a new widget by clicking Select Data. Since our primary interest is showing how many alerts exist in our environment per alert name, we will select Alerts > Name.
We will now switch to Advanced Configuration mode to continue the setup process.
From the Values box in the left panel, we will add Id, to display the number of unique alert IDs per alert name.
From the Columns box in the left panel, we will add Risk. This will display the number of alerts per alert name separated by risk.
Additional info
Hunters Dashboards is a very potent analytics tool. As such, it requires you to learn and practice to reach a perfect result. Here are a few resources that will help you learn more advanced Dashboard techniques: