Skip to main content
Skip table of contents

Timeline Widget

The Timeline widget provides a sequential event log of all a user or host's activities, including a description for each event that helps explain the activity in plain English. Viewed chronologically, the widget is a way to "tell a story" about a user or host's activity in LogRhythm.

The Timeline widget, is only available on a Host Analyze or User Analyze details page, accessible when you click the View Details button on the Inspector panel of a log or alarm.

Activity Types

There are two activity types available in the Timeline widget: Logs and CloudAI.

Log Activity

Logs returned in the Timeline widget will appear in a log activity card. Each card displays the log's classification, common event, risk score, and normalized date. A contextualized sentence explaining the activity that occurred is centered on the card. To see more information on the activity, click the card.

CloudAI Activity

This activity is available to CloudAI customers only.

A block for CloudAI activity appears at the top of each hour, if any activity occurred. Each CloudAI event produces a card that displays the score, name of activity, number of observations, number of expected, and classification. To see more information on the activity, click the card.

It is possible that CloudAI activity may not appear for the first several hours after the widget displays, as the CloudAI processes events every 6 hours for the previous period. In addition, CloudAI events are only displayed for 30 hours.

Widget Settings

To open the Timeline widget settings, click the Gear icon in the upper-right corner of the widget. The following settings are available:

  • Widget Title
  • Sort Order. Ascending or Descending.
  • Activity Type. Logs or CloudAI Anomalous Events.
  • Lucene Filter. The ability to add a Lucene filter to the query to filter the data displayed in the widget.
  • Log Activity Classifications. A checklist of all classifications.
  • CloudAI Activity Events. A checklist of all CloudAI Activity Events

    This setting is available to CloudAI customers only.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.