Skip to main content

Threat CenterThreat Center Guide

Table of Contents

Enter a Search Using Natural Language in Threat Center

To quickly create complex searches without knowing Exabeam Query Language, type out a search query using natural language.

Like natural language search in Search, you enter a search prompt using everyday, conversational language and full sentences, as if talking to another human; for example, Return all threats related to IP address 1.1.1.1.

After you enter your natural language search prompt, Threat Center uses AI to convert it into Exabeam Query Language syntax; for example, dest_ip:"1.1.1.1" OR src_ip:"1.1.1.1". The more you use it, the better the AI becomes at generating a query that accurately captures what you're searching for.

After you see the converted query in Exabeam Query Language syntax, you can refine the natural language prompt or the Exabeam Query Language query to return your desired search results.

Enter a Search for Cases

  1. Navigate to the Cases tab, then in the Search mode menu, select Natural Language.

  2. In Type your natural query..., enter a search prompt. After a few seconds, the prompt is converted into Exabeam Query Language syntax and appears in Your query in EQL will appear here. If you mention a time range in your prompt, it's automatically reflected in the time range menu.

  3. To refine your search, edit the prompt or the Exabeam Query Language query.

  4. Click Search.

Enter a Search for Alerts

  1. Navigate to the Alerts tab, then in the Search mode menu, select Natural Language.

  2. In Type your natural query..., enter a search prompt. After a few seconds, the prompt is converted into Exabeam Query Language syntax and appears in Your query in EQL will appear here. If you mention a time range in your prompt, it's automatically reflected in the time range menu.

  3. To refine your search, edit the prompt or the Exabeam Query Language query.

  4. Click Search.