Hi everyone.
Looking for some genuine guidance.
Is there any possible way, through which I can show Investigations, which are in OPEN state(assigned to some SOC analysts already), in an InsightIDR dashboard card?
Thanks.
Home → Security Operations Activity → Investigation Activity Card may help
1 Like
Thanks Mike!!
This partially resolves my issue, because I want some more information within the dashboard such as, assignee name, Investigation type etc.
I’m curious too. There’s the internal log but that’s querying events and not current state.
Yes @jclawson1. There is no provision of nested queries too in LEQL.