Support

Support for business applications

Kaspersky XDR Expert

Threat hunting

Kaspersky Next XDR Expert
Online Help
FAQ Forum Contact support Recovery tools

Threat hunting

May 15, 2024

ID 249242

Get as PDF

The Threat hunting page contains tools that help you analyze events to search threats and vulnerabilities that have not been detected automatically. To create an alert from a set of events, select the events, and then click the Create alert button.

You can open the Threat hunting page in any of the following ways:

  • In the main menu, go to Monitoring & reporting → Threat hunting.
  • In the Alert or Incident details, invoke the context menu for an attribute, and then select Search in Threat Hunting.
  • In the Incident details, click the View on graph button. In the investigation graph that opens, click the Threat hunting button.

The Threat hunting page displays events. You can filter out events:

  • By editing the SQL query
  • By changing the time range
  • By selecting the tenants to which the events belong

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.