Simple Search with Log Entry Query Language (LEQL)

Here we've added the search query in. We're asking the question, 'For the firewall activity over the chosen time period, which users are generating the most activity?'' The answer will be displayed as a chart, going from most to least events.

This is only possible because InsightIDR enriches the log data by tying IP address > asset > user activity together.

3 of 5

Save Queries for Easy Access

By clicking on the star, you can save a query for future use. These saved queries highlight the simplicity and flexibility of LEQL.

Choose the Time Frame You Want

Whether it's the past hour or the past month, easily filter to the range you want.

11906529

Contact Us

We're happy to answer any questions you may have about Rapid7