The Summary dashboard has a dedicated section for events, which are security rules or alerts that got executed.

To see and to investigate events displayed on the Summary dashboard:

  1. Sign in to Logz.io.

  2. Go to SIEM.

    Investigate_events

  3. Scroll down to the Events section.

    Investigate_events

  4. Click the Investigate tab next to the event that you want to see more data on. It will build a Kibana search showing the logs that have contributed to this event getting executed.

    Investigate_events