Search Features Introduced in 2025
January 2025
Feature | Description |
---|---|
Timeline View of Search Results | Exabeam introduces a new Timeline view of search results that brings the investigational timeline experience into the Search application. Analysts and threat hunters can use the Timeline view as a starting point for investigating risky or anomalous events while still leveraging the granular filtering capabilities of the Search application. The Timeline view is designed specifically with this task in mind. It's visually organized so that detection events are easy to spot and investigate. You can drill into the detections or the associated events to find detailed information and data insights. For more information, see Timeline View of Search Results in the Search Guide. This feature is currently available only if you have one of the New-Scale licenses. For more information, see New-Scale Security Operations Portfolio Licenses. |
Rule Details Panel | A new Rule Details panel is available for viewing detailed rule information when search results return detection events. This new panel facilitates interactions with events that may represent a security threat or anomalous behavior. The panel includes a raw log message, a full list of parsed fields, and an expandable list of any rules associated with the detection event. For more information, see Rule Details in the Search Guide. This feature is currently available only if you have one of the New-Scale licenses. For more information, see New-Scale Security Operations Portfolio Licenses. |
Data Insights | A new Insights tab is available in the Event Details panel for any search results that include parsed user or device information. The Insights tab provides a quick, easy way to drill into information related to events in your results. It lets you visualize what else is going on around a selected event, within specific time ranges. For example, if an event shows that a user triggered an alert, you can investigate which other assets the user has accessed in the past few days, which countries the user logged in from, or what files the user accessed. For more information, see Data Insights in the Search Guide. This feature is currently available only if you have one of the New-Scale licenses. For more information, see New-Scale Security Operations Portfolio Licenses. |
Entity Searching | A new Entities tab has been added to the pre-built search lists in the Basic Search window. From the new tab you can search user and entity accounts using more of the enriched data than is available by searching with common event fields. For more information, see Pre-Built Basic Search Lists in the Search Guide. This feature is currently available only if you have one of the New-Scale licenses. For more information, see New-Scale Security Operations Portfolio Licenses. |