Search actions from the context menu

New Search: match field and value

Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria

New Search: search by endpoint +/- 1 min

Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria for endpoint activities. This option limits the time range for the new search to one minute before and after the logged time.

New Search: search by endpoint +/- 5 min

Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria for endpoint activities. This option limits the time range for the new search to five minutes before and after the logged time.

New Search: search by endpoint +/- 10 min

Opens another instance of Trend Vision One and creates a new search query with the selected value added as search criteria for endpoint activities. This option limits the time range for the new search to ten minutes before and after the logged time.

Add Filter: field IS value

Adds the selected value as search criteria to the existing search query

Add Filter: field IS NOT value

Adds the selected value as an exception to the existing search query

Add Filter: field IS EMPTY

Adds the selected field with no value as search criteria to the existing search query

Add Filter: field EXISTS

Adds the selected field with any value as search criteria to the existing search query

Google

Opens a new browser tab and searches Google for the selected value

VirusTotal

Opens a new browser tab and searches VirusTotal for the selected value

View Event in Observed Attack Techniques

Opens a new browser tab and shows events in the Observed Attack Techniques app for the selected value