Skip to main content
Skip table of contents

Users Page

To access the Users page:

  1. Log in to LogRhythm NDR's new UI.

  2. Click Users from the sidebar menu.
    The Users page displays three tabs: Highlighted Users, User Activity, and All Users.

Highlighted Users Tab

  1. Click the Highlighted Users tab.
    In the Highlighted Users tab, three parallel lists (Watched Users, Critical Users, and Notable Users) are available where we can search for specific entries from the lists.
    If an entry from the Watched Users, Critical Users, or Notable Users is selected, the User details page appears where details such as user score, cases, and user details are available.
    A user entry can be tagged as a Critical User and Watched User by clicking the Watched/Critical button available in each user entry.

User Activity Tab

  1. Click the User Activity tab.
    A bar chart is available that represents the host's activity and the bar chart's legend also classifies the user's activity when you click on it.
    A user activity table is available below the bar chart where the activities of the user are listed with information such as Time, Activity, Entry Origin, and Entry UUID.

  2. To view more activity, click the Date Range/Time picker drop-down menu option available next to the Search field at the top-right of the page.

  3. To export the user details, click the Export icon.

  4. To add or remove column headers, click the Show Columns icon.

  5. Click the column headers in the table to sort the table entries in the ascending or descending order.

  6. To filter the columns, click the Column filter toggle icon.

  7. To expand the two tabs, Details & Raw Data (JSON), click the user activity entry.
    The Details tab contains preliminary data such as Created at, Date, Entry Origin, and Entry UUID.
    The Raw Data (JSON) contains these details and more in the JSON format.

All Users Tab

  1. Click the All users tab.
    A list of users with information such as Entry UUID, Tag, Score, and Critical are presented.

  2. Click the column headers in the table to sort the table entries in the ascending/descending order.

  3. To get raw data pertaining to each user, click the user activity entry.

  4. To add or remove column headers, click the Show Columns icon.

  5. To export the user details, click the Export icon.

  6. To filter users, click the Show/Hide Column filters and select your filter parameters.

  7. To see the list of total number of IOAs, click IOA.

    You can also access case-events page from the IOA list.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close