Search Overview
One of the primary activities of a Security Operations Center is searching the log repository for specific events. Searching is the first step of any investigation. It is where you access all your logs and filter through them, looking for events that match your criteria.
Exabeam Search provides an intuitive interface that enables you to quickly find logs and events so that you can detect threats in seconds. Search provides visual and contextual options for filtering, extracting, and honing your data analysis. Timelines, default filters, and detailed queries are available.
You can interactively explore your data repository from Search. You have access to every event that matches the search query within the selected date and time range. You can submit search queries, filter the search results, and view event data. You can also see the number of events that match the search query and get field value statistics. The distribution of events over time is displayed in a histogram at the top of your search results.
The following image illustrates where Search is integrated into the overall schema of the Exabeam Security Operations Platform: