-
Log in to the LogRhythm NDR's new UI.
-
Enter the following in the Search Logs search bar and click Activity from the drop-down.
|
Search Value |
Result |
|---|---|
|
entry_type:"DnsAnomalyEvent" |
This lists the “Dns anomaly Events” in the form of a table. |
|
entry_type:"ConnAnomalyEvent" |
This lists the “Conn anomaly Events” in the form of a table. |
|
entry_type:"HttpAnomalyEvent" |
This lists the “Http anomaly Events” in the form of a table. |
The Observed value and the expected value are listed in the Activity column of the table for each entry.