Support

Support for business applications

Kaspersky Endpoint Detection and Response Expert

Threat hunting

Viewing and configuring the event list
Kaspersky Endpoint Detection and Response Expert
Online Help
Advice & Solutions FAQ Download Forum Contact support Recovery tools Product videos

Viewing and configuring the event list

March 20, 2024

ID 221537

The event list is displayed after completion of the search for threats in the events database.You can customize the event table for ease of analysis, group and sort events, view details of the events, and take action if necessary.

Grouping events

By default, the events are ungrouped. They are arranged in a single list. You can group events by asset name or event type.

To group events:

  1. In the main menu, go to MONITORING & REPORTING THREAT HUNTING, and then run a query.
  2. Click the Group by button.
  3. Select how you want to group events:
    • Asset name
    • Event type

The events are grouped.

To cancel grouping the events:

  1. Click the Group by button.
  2. Select Ungroup.

The events are ungrouped. Events are arranged in a single list.

Sorting events

You can sort events by the clientsideeventtime and timestamp event fields.

To sort the list of events:

  1. Click the name of the clientsideeventtime or timestamp column.
  2. Choose descending or ascending order.

The values are sorted. The arrow next to the column name shows the sort direction.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.