Creating entity filters

PreviousEntity Insights and Finding Rules NextSetup insights using entity filters

Last updated 5 months ago

Was this helpful?

Creating entity filters

Creating Entity Filters

Creating entity filters is an important step in setting up rules and generating insights for your data. The insights or findings you see are primarily based on how you set up these filters and what data they select. Filters allow you to focus on specific sets of data to generate meaningful insights based on your needs. Let’s walk through how you can create filters using the different fields available to you.

Steps to Create Entity Filters

Navigate to the All Entities Page In the navigation sidebar, go to the Configure section and select All Entities. You will see a page similar to the one below.
Open the Filters Panel On the top left corner of the page, click the Filters button to open the filter slideout.
Use Different Fields to Set Your Filter In the filter slideout, you can combine different fields to select the data that fits your needs. Here’s a breakdown of the various fields available in the filter slideout.

Explanation of Fields in the Entity Filter

Name: Select the specific name of the entity you want to filter. For example, you can filter by the name of a resource/identity/connection/insight.
Entity Type: Choose the type of entity you want to filter. You can filter by identity, resource, connection, or insight.
Source Type: This field refers to the terminology used in the applications that provide the data (e.g., in GitHub, a "team" is mapped as a connection entity and a "repository" is mapped as a resource entity in our model. Here the terms "team" and "repository" are referred to as source types).
Source System: This field filters data based on where the entity comes from. It could be an application integration, the system that assigns roles and permissions (RBAC), or the source of insights.
App: Select from the list of applications that have been integrated into your tenant. This helps filter entities based on specific apps. There can be multiple integrations of the same application but with different credentials.
Integration: Choose an application integration that has been set up in your tenant. This allows you to filter based on the specific integration you want to focus on.
User: Filter entities based on the user selected. This is useful if you want to see data tied to a specific user.
Manager: Filter by a manager. This helps you select data tied to users managed by the person you select.
Department: Use this filter to select entities tied to a department users belongs to. You can filter data based on the department.
Job Title: Filter based on the job title of users. For example, you can filter for all data associated with users who have the job title "Engineer."
Employment Type: Filter entities based on the employment type (e.g., full-time, part-time) of users.
Insights: This filter shows entities tied to specific insights set up in your tenant. You can filter based on the insights you’ve created for analysis.

Understanding the "Having" Section

The Having section is particularly useful when filtering based on how different entities are connected. An example of when this section can be used:

To select resources that an identity has access to through a connection, you can simply choose an identity as the entity type and use the having section to specify the connection that you want to see which the identity has access to.

The Having field allows you to filter based on these relationships. You can use it to narrow down data based on whether an identity has access to a resource, or if certain insights are tied to the data you're interested in. Those specified above are just a few examples for using the having field. You could get innovative and try selecting data you desire accurately if these fields are used efficiently.

Putting It All Together

Now that you understand the fields, you can create a filter by choosing a combination of them that fits your needs. For example, if you want to know which users in the Sales department have accessed a specific resource, you can set filters for Department = Sales and Resource = [specific resource]. Or, if you're looking for a report on how often users with a Manager job title are accessing a specific application, you can filter based on Job Title = Manager and App = [specific app].

By combining these fields in different ways, you can create customized filters to help you setup meaningful insights and rules based on your specific requirements.