The following is an example of how to retrieve XDR data on the Alerts page.

Procedure

  1. On the left navigation pane, click Alerts.
  2. In the Filters pane on the left, scroll to ATT&CK Tactic and select TA0002.
    Tip: Click the vertical 3-dot Configuration menu to configure the filters that display in the console. For example:
    Configure Filters menu on the Alerts page
  3. Construct and run your search query. For example, filter for Intrusion Detection System.
    Alternatively, you could search for type:INTRUSION_DETECTION_SYSTEM in the Search bar.
    Note: See netconn-specific XDR search fields in XDR Search Fields. See all search fields in the in-product Search Guide.

What to do next

See Exploring XDR Data for ways to view and investigate your search results.