Views:

Learn about the actions available for your search results.

Action
Description
Switch between search result views
Click the View drop-down menu and select a view:
  • Standard View: The default view. Only the Logged column is displayed.
  • Column: Fields are displayed as user-defined columns.
  • Field groups: Fields are organized into user-defined groups. The field group view includes the preconfigured Recommended Field Groups view.
Create custom views
On the Data Grouping panel, right-click any field to start creating a custom view.
You can add or remove fields from custom column views by right-clicking the field and selecting Add to Column View or Remove from Column View.
View the data grouping and matched events of your search result detections
On the Data Grouping panel, click expandIcon=GUID-20231214145353.png to expand any field and view the matched events from your detections.
View events in your search results
Click expandIcon=GUID-20231214145353.png to expand any event and view the detected data.
Export search views
Click export_button=GUID-C683DEEE-C19C-484D-A5B1-4CA9D1794756=1=en-us=Low.jpg to export the search view to a JSON file.
Import search views
Click the View drop-down menu and select Import Views to import one or more JSON files containing search views.
Related information