Cloud SIEM has an integrated platform for security events management. Here you can view security events that have occured, edit them, assign a security rule to a team member. You can filter the list using the top menu filters and the search bar.


The event manager has a retention period of 2 weeks. Older events are saved as logs on your security account and can be viewed from OpenSearch Dashboards.

Access Event Management

To access the Event Management platform:

  1. Sign in to

  2. Go to SIEM > Event Management.


Edit an event rule

To edit a rule for an event:

  1. Select the three dots menu on the right side of an event that you need to edit and then select Edit. It will open the editor for the event rules.


  2. Edit the rule conditions. This is different for regular rules where you can edit any field and a protected rule where some fields are locked.


Edit the event information

To edit the management information on an event:

  1. Select Edit on the event row.


  2. Change the rule status, assignment or a comment to the rule.