Views:

Learn about the actions available for your query results.

Action
Description
Export query results
Click export_button=GUID-C683DEEE-C19C-484D-A5B1-4CA9D1794756=1=en-us=Low.jpg and select from the drop-down menu to export the query results in CSV or JSON format.
Switch between query result views
Click View and select a view:
  • Standard View: The default view. Displays only the Logged column.
  • Column: Displays fields as user-defined columns.
  • Field groups: Organizes fields into user-defined groups. The field group view includes the pre-configured Recommended Field Groups view.
Create custom views
On the Data Grouping panel, right-click any field to start creating a custom view.
You can add or remove fields from custom column views by right-clicking the field and selecting Add to Column View or Remove from Column View.
View the data grouping and matched events of your query result detections
On the Data Grouping panel, click expandIcon=GUID-20231214145353.png to expand any field and view the matched events from your detections.
View events in your query results
Click expandIcon=GUID-20231214145353.png to expand any event and view the detected data.
Import query views
Click View and select Import Views to import one or more JSON files containing views.
Related information