Alert‑Related Visualizations in Threat Activity Dashboard Missing Required Filters

[mjabascal10]

Acknowledgements

• I have searched (https://github.com/utmstack/UTMStack/issues) for past instances of this issue
• I have verified that my UTMStack version is up-to-date

Describe the bug

The Threat Activity dashboard is missing a required global filter across all visualizations. Currently, charts and widgets display unfiltered data, which leads to inconsistent results and incorrect threat visibility.

Regression Issue

• Select this option if this issue appears to be a regression.

Expected Behavior

All visualizations in the Threat Activity dashboard should automatically apply the required global filter set, ensuring:

• Only active alerts (status ≠ 1) are displayed
• Alerts tagged as False positive are excluded
• Parent alerts are excluded, showing only actionable leaf‑level alerts
• A date‑range filter is applied consistently across all visualizations, restricting results to the selected time window

Current Behavior

The Threat Activity dashboard loads normally, but none of the required global filters are applied to the visualizations. As a result, charts display unfiltered data, including:

Alerts with status = REVIEW
Alerts tagged as False positive
Parent alerts

This leads to inconsistent and misleading threat activity metrics across the dashboard.

Reproduction Steps

1. Go to the Dashboard section in the UTMStack UI
2. Open the Threat Activity dashboard
3. Inspect any visualization within the dashboard
4. Observe that none of the required global filters are applied

Possible Solution

No response

Additional Information/Context

No response

UTMStack Version

11.1.5

Operating System and version

Ubuntu 22.04

Hypervisor and Version | Server Vendor and Model

Browser and version