Hunt Geo Activity

To access the Hunt Geo Activity page:

1. Log in to LogRhythm NDR's new UI.
2. Click Hunt from the sidebar menu and then click Geo Activity.
   The Geo Activity page displays the Geo Chart and Geo Table.
   Geo Activity is a global map where the occurred events are marked and the entry UUIDs are specified.
   When you hover over the entry UUID marked on the map, a tooltip provides information about that specific event such as the Date, Entry Type, and Event Trigger.
   
3. To navigate to the specific case event and view more details, click on a particular UUID.
4. To filter from the list of available entries on the Geo Chart, use the Anomaly and Threat Severity sliders.
5. To filter further, click the Date Range/Time picker drop-down menu option available next to the Search field at the top-right of the page.
   The Geo Table presents data such as Occurred On, Event Info, Activity, and Entry UUID.
   

6. Click the column headers in the table to sort the table entries in ascending or descending order.

7. Click the corresponding links provided in the table for further information on the topics.

8. To export the activity details, click the Export icon.

9. To add or remove column headers, click the Show Columns icon.

10. To expand and see more details such as Date, Community ID, and Destination ID, click on the entry.
11. Click the Raw Data (JSON) tab to see more details in the JSON format.
12. Click a particular User_UUID to activate the filter and only show entries pertaining to that particular User_UUID.
    This can be done in both the chart and the table.
13. To Enable/Disable an User_UUID and remove the filter, click the entry.
14. Click the Alert Event drop-down option available in the Event Info column, corresponding to a particular entry, to view the related logs.