Sorting events in the table
You can sort events in the table by the Event time, Event type, Host, and User name columns.
To sort events in the event table:
- Select the Threat Hunting section in the program web interface window.
This opens the Threat Hunting window.
- Define the criteria for searching events in design mode or source code mode.
The table of events that satisfy the search criteria is displayed.
- If you want to sort events by time, click one of the icons to the right of the Event time column name:
to display newer events at the top of the table.
to display older events at the top of the table.
- If you want to sort events by the event type name, click one of the icons to the right of the Event type column heading:
- to sort alphabetically, A–Z.
- to sort alphabetically, Z–A.
- If you want to sort events based on the names of host on which the alerts were generated, click one of the icons to the right of the Host column name:
- to sort alphabetically, A–Z.
- to sort alphabetically, Z–A.
- If you want to sort events based on the user names of hosts, click one of the icons on the right of the User name column name:
- to sort alphabetically, A–Z.
- to sort alphabetically, Z–A.
- If you want to group events based on the names of hosts or by the event type name, click one of the values in the Group by drop-down list:
- Group by host name if you want to group events by the names of hosts.
- Group by event type if you want to group events by the names of event types.
If events were sorted by the Host or Event type field, the sorting result is cleared when events are grouped by a similar attribute. To return to the sorting results, select the Group by value from the Group by drop-down list.
By default, events in the table are sorted by time, with the newest events at the top of the table.
You can sort events based on one attribute only.
When sorting by event type in a foreign language, events are sorted based on the internal name of the event type in English.
Page top