Skip to main content
Skip table of contents

Search for Most Frequent Common Events

You may want to run an investigation periodically to determine the most frequent common events collected by LogRhythm.

  1. On the main toolbar, click Investigate.
  2. Select Configure New Investigation, and then click Next.
  3. On the Select Search Type screen, select the Platform Manager Search option.
  4. In the Select Date Range to Query section, select In the Last and enter 30 Days in the boxes.
  5. Click Next.
  6. On the Select Log Sources to Query screen, select All available Log Sources.
  7. Click Next, and then click Next again.
  8. Set the parameters as follows:
    • Maximum logs to query: 50,000
    • Aggregate log cache size: 50,000
    • Log cache size: 50,000
    • Query timeout: 180
  9. Click Next.
  10. (Optional) Enter a name and click Save.
  11. To run the Investigation, click Launch.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close