Simple Search In Incident Management

Introduction

This article explains how to perform simple searches across your cases in Incident Management.

Simple Search Queries

You can use the following key-value queries to search by case name, case status, and case priority level.

To search by case name, use the following query:

Incident.Info: "Case name"

To search by case status, use one of the following queries:

Incident.Status: "Open"

Incident.Status: "Close"

To search by case priority, use one of the following queries:

Priority.Name: Low

Priority.Name: Medium

Priority.Name: High

The following example shows how to search for a case named "Multiple Critical Alerts Detected in 1 hour" that is in an open state and has a high priority level.

Query used:

Priority.Name:High Incident.Status: Open Incident.Info:"Multiple Critical Alerts Detected in 1 hour"
