Organization tab or filter
planned
C
Cory Guzman
I know this was mentioned in our introduction to the SIEM, but a way to at least sort out the organizations from each other, even just being able to filter so the organization we want to look for is on top. It's a little difficult to sift through logs while seeing logs from other companies splattered in.
Chris Bisnett
planned
This is something that we've heard from a few people and while you can filter to a single organization, you can't select multiple. We'll be adding this in the near future.
C
Christopher Sutherland
I think you can already do this - by changing the organisation in the top left dropdown.
By default / looking via your account organisation, your URL would be something like:
CoryOrg[.]huntress[.]io/account/logs
But, if you change the org/client in the dropdown, url should be something like:
CoryOrg[.]huntress[.]io/org/123455/logs
Have I understood your idea correctly?
Chris Bisnett
Christopher Sutherland: You are correct that this will work for one organization, but if you wanted to search the logs of multiple organizations at the same time or filter out some organizations, you can't do that today with the search query since we don't expose the organization names or IDs as a column.
C
Cory Guzman
Chris Bisnett Thank you both, at the time I was not familiar with the method Christopher provided, that was something that has helped me greatly, but I'm glad to hear this is something that is being worked on I appreciate it Chris!