Skip to main content
Skip table of contents

Search Page

To access the Search page:

  1. Log in to LogRhythm NDR's new UI.

  2. Click Search from the sidebar menu.
    The Search page appears displaying two tabs: Search History and Saved Query.
    The Search History tab displays a list of queries along with details such as Type, Created On, and Actions.

  3. To delete a query, click the Delete icon in the Actions column.
  4. Click the Search icon to view the search results related to the query.
  5. Click the Saved Query tab to see the list of saved queries along with details such as Name, Query, Created On, and Actions.

Use Cases for Search Activity in New UI

  1. Log in to the LogRhythm NDR's new UI.
  2. Enter the following in the Search Logs search bar and click Activity from the drop-down.
Search ValueResult
entry_type:"DnsAnomalyEvent"This lists the “Dns anomaly Events” in the form of a table.
entry_type:"ConnAnomalyEvent"This lists the “Conn anomaly Events” in the form of a table.
entry_type:"HttpAnomalyEvent"

This lists the “Http anomaly Events” in the form of a table.

The Observed value and the expected value are listed in the Activity column of the table for each entry.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close