
Investigate Events

Logz.io Cloud SIEM helps you monitor, detect, and investigate security events in your environment in several ways:

The Event Management dashboard provides visibility into triggered security events, allowing you to track triggered event rules, set the event status, assign an event handler, and use comments to add information and prioritize how those issues are handled.

Investigate security events from the Summary dashboard by clicking the Investigate tab next to the event you want more data on. This builds an OpenSearch Dashboards search showing the logs that contributed to this event's execution.


Add drilldown links to speed up and streamline investigations and debugging processes.

Or research in OpenSearch Dashboards to view and search through your logs.