Visualizing Security Stories with Timeline View
Through Timeline View, security analysts have a consolidated, chronological view of user or host activity. The view includes all data related to the incident and is automatically contextualized to provide a quick view into how a potential incident has played out thus far. With Timeline View, analysts can easily further their investigation without needing to navigate off the existing page to understand the cause and scope of a given incident. Analysts can also go deeper into the data presented by drilling down into specific timeline events and reviewing the underlying raw data.
“We’re thrilled to bring Timeline View to our customers with the release of LogRhythm 7.7,” said Rusty Carter, chief product officer at LogRhythm. “We understand how challenging it is to manage the detection and response process if you have to use multiple screens, so our goal was to make it easier for analysts to not only get an overview as to how an incident is progressing, but to also be able to drill down into that contextualized activity is vital to rapidly making accurate decisions.”
To even better visualize relationships, patterns and abnormalities present in log data, LogRhythm’s Detail Page pairs Timeline View with Node Link graph (previously introduced in LogRhythm 7.5). This combination allows analysts to investigate incidents from multiple perspectives and to quickly determine the timing and scope of an incident.
Additional Benefits Provided by 7.7
In addition to Timeline View, LogRhythm 7.7 introduces a number of new features designed to improve analysts’ daily workflows and the ability to interact with other technologies. Specific benefits include: