The Visualizer is a graphical user interface that analysts
and investigators use to analyze the results of alerts, relationships,
and entity resolutions.
The Visualizer is hosted by an embedded version of IBM WebSphere
Application Server. You configure the Visualizer through the Configuration
Console and through the Visualizer Preferences selection
on the File menu.
Visualizer users can accomplish various analysis tasks:
- Analyze and disposition alerts
- Alerts generated by entity resolution processing represent relationships
or entity resolutions of interest to an organization. Typically, analysts
review alerts and decide what action to take, if any, based on the
alert information. There are three types of alerts: role alerts, attribute
alerts, and event alerts.
- The Visualizer displays the alerts, providing analysts with both
textual and graphical views of the alerts and the entities involved
in the alerts. Analysts can drill down into the details and then set
the disposition status of the alert appropriately.
- Create and manage attribute alert generators
- Using the Visualizer, analysts can create and manage persistent
searches through the Attribute Alert Generator feature, and manage
how they view and receive attribute alerts. Analysts can create Attribute
Alert Generators based on attribute data to locate identities that
resolved to entities based on that attribute data. Or analysts can
create an Attribute Alert Generator to persistently search the entity
database looking for a particular entity.
- Find entities
- Visualizer users can also find entities for further analysis using
several methods:
- By attributes
- By data source account
- By entity ID
- By resolution (how closely the criteria entered matches identities
and entities in the entity database, based on minimum resolution score
thresholds)
- Add entities and disclosed relationships
- Analysts can use the Visualizer to add records for entity resolution
and relationship detection. They can add a single identity record
or load a UMF file containing a few thousand identity records. Just
as when identity records are added through acquisition programs, records
added through the Visualizer are processed by a pipeline for entity
resolution and relationship detection. The results of processing are
written to the entity database, and any alerts are published to the
Visualizer.
- Analysts can also disclose relationships between entities (by
identity), when they know of a link between the identities. Examples
of disclosed relationships include relating entities based on emergency
contacts or references listed on an employment application. The entity
disclosed these relationships on the application.
- Generate and print reports
- The Visualizer also contains several reports that analysts can
view and print to help them manage and track their Visualizer work.