Searching and Reporting

XDR offers the ability to search nearly any component of ingested data.

Use Quick Search to search for single-term items against all Data Types.

You can also use the Data Lake Search options to search for detections and events across your tenant:

  • The AI Search interface enables you to translate natural language into Advanced Search query language.
  • The Query Builder interface allows you to construct searches by choosing your operators and defining fields.
  • The Query Editor interface enables you to craft search queries from scratch using basic syntax, schemas, and operators.

Click the Pin icon in one of the interfaces to set it as the default in Data Lake Search.

Create Reports

Generate reports in XDR from a search query and configure them to run one time or on a scheduled recurrence. By default, reports are output in PDF format, with the option to include CSV format as well.

Access the following resources to learn more about reporting in XDR: