Hunting

Use the Hunting tab to find the active events and exempted events. The Hunting tab includes the following sub-tabs to view events:

  • Events: Lists all the events registered and executed on the assets.
  • Exempted Events: Lists all the events for which exceptions are created.

The following screenshot displays the actions that you can perform on the Hunting tab:

  • Search for events (1)
  • View events that occurred in a specific time frame (2)
  • Search events by type (3)
  • Group By (4)
  • Filters (5)
  • View event details and asset details (6)

Hunting homepage

Group By: Use the Group By option to view the count of events based on the selected option.

Group By option in Hunting tab

Filters: Use the Filters option to list the Severity and Source of the assets. You can select a severity from Critical, High, Medium, and Low. You can select Anti-malware and EDR from the Source filter.

The following screenshot shows an example with High severity and EDR source selected:

Filters in Hunting tab.

Quick Actions: Hover the mouse over an Object to view the Quick Actions menu. 

Quick Actions menu

The Quick Actions menu includes the following options:

Additional Resources

How to Search