Results Views in Exabeam Data Lake
Data is presented in panels below the banner menu. There are four ways to view the data. Results can shared or exported (PDF or CSV format) by selecting the icons on the upper right of the primary pane.
 |
Note
Data Lake can export up to 1 million search local query results. These results will be batched in files of 10,000 log events per file and zipped together. For cross-cluster searches, up to 10,000 query results can be exported.
Timeline View
The Timeline is the graphically displays the volume of activity for a given timeframe.
 |
You can collapse and expand the Timeline by selecting the Collapse/Expand icon.
 |
You can refresh timeline at a specific pace by selecting an update interval in Time View.
 |
Enhanced View
In Enhanced view, raw log and data from matching fields are displayed. Click Show more or View All to expand or contract the view with Show less or Collapse.
 |
Table View
The Table view allows you to create your own tables with fields of your choosing.
 |
On first time viewing with no established table, you select available fields listed in the left pane. Once selections are made, click Create Table to generate a table view.
 |
Raw View
The Timeline is the graphically displays the volume of activity for a given timeframe.
 |