The Summary dashboard has a dedicated section for events, which are security rules or alerts that got executed.

To see and to investigate events displayed on the Summary dashboard:

  1. Sign in to Logz.io.

  2. Go to SIEM.

    Investigate_events

  3. Scroll down to the Events section.

    Investigate_events

  4. Click the Investigate tab next to the event that you want to see more data on. It will build an OpenSearch Dashboards search showing the logs that have contributed to this event getting executed.

    Investigate_events