Views:

Context menus provide additional search options that you can access during an investigation, after encountering objects or data that you want to further explore.

The following table describes the search actions available for certain events or objects found in your environment.
Action
Description
New Search: match field and value
Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria
New Search: search by endpoint +/- 1 min
Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria for endpoint activities. The time range for the new search is limited to one minute before and after the logged time.
New Search: search by endpoint +/- 5 min
Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria for endpoint activities. The time range for the new search is limited to five minutes before and after the logged time.
New Search: search by endpoint +/- 10 min
Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria for endpoint activities. The time range for the new search is limited to ten minutes before and after the logged time.
Add Filter: field IS value
Adds the selected value as search criteria to the existing search query
Add Filter: field IS NOT value
Adds the selected value as an exception to the existing search query
Add Filter: field IS EMPTY
Adds the selected field with no value as search criteria to the existing search query
Add Filter: field EXISTS
Adds the selected field with any value as search criteria to the existing search query
Google
Opens a new browser tab and searches Google for the selected value
VirusTotal
Opens a new browser tab and searches VirusTotal for the selected value
View Event in Observed Attack Techniques
Opens a new browser tab and shows events in the Observed Attack Techniques app for the selected value