Skip to main content
Skip table of contents

View Ransomware Events

When ransomware is detected, an AlertEvent is triggered and recorded. To view AlertEvent incidents:

  1. Log in to the LogRhythm NDR UI.
  2. Click the Hunt tab, and then click Activity.
    The Activity page appears. By default, the legend graph is displayed, showing the logs and events for the past hour.
  3. To view the AlertEvent instances alone, click AlertEvent.
    All AlertEvent-related events appear.
  4.  To search for ransomware-related AlertEvent instances, type Ransomware in the search field and click Search.
    All ransomware-related AlertEvent instances appear.
  5. Click the + button next to ransomware-related AlertEvent entries.
    A submenu with expanded Details and JSON tabs appears.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.