Cloud SIEM has an integrated platform for security events management. Here you can view security events that have occured, edit them, assign a security rule to a team member. You can filter the list using the top menu filters and the search bar.
Access Event Management
To access the Event Management platform:
Sign in to Logz.io.
Go to SIEM > Event Management.
Edit an event rule
To edit a rule for an event:
Select the three dots menu on the right side of an event that you need to edit and then select Edit. It will open the editor for the event rules.
Edit the rule conditions. This is different for regular rules where you can edit any field and a protected rule where some fields are locked.
Edit the event information
To edit the management information on an event:
Select Edit on the event row.
Change the rule status, assignment or a comment to the rule.