cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Raw Data Searchable in Activity Logs

MariaYacaman
Brass Contributor

‎Dec 20 2018 02:25 PM - edited ‎Dec 20 2018 02:25 PM

‎Dec 20 2018 02:25 PM - edited ‎Dec 20 2018 02:25 PM

Raw Data Searchable in Activity Logs

Hello Everyone,

 

Activity logs contain a button called 'Raw Data'. I was wondering if I can apply filters and search for specific values in the field included in the Json raw data? Or if it possible to do it in any way, such as the Power Shell module or by sending the alert to the SIEM.

 

I look froward to hearing from you.

Thank you.

Maria Y.

Labels:
1,622 Views
0 Likes
2 Replies
Reply
2 Replies
Ryan Heffernan

‎Dec 21 2018 12:23 PM

‎Dec 21 2018 12:23 PM

Re: Raw Data Searchable in Activity Logs

@Danny Kadyshevitch or @Dima Donhin: Do you have any insight on this?

0 Likes
Reply
Dima Donhin

‎Dec 23 2018 07:01 AM

‎Dec 23 2018 07:01 AM

Re: Raw Data Searchable in Activity Logs

Hi,

Raw data is not searchable in MCAS.

You can search on any of the formatted attributes, as well as the info located in Activity Objects.

If you have specific data that interest you in the raw data you can send an activity feedback and we'll look into adding it as an activity object.

 

Regards,

Dima

0 Likes
Reply