SGBox Next Generation SIEM & SOAR, https://www.sgbox.eu/en/knowledge-base/historical-search/, Wed, 12 Mar 2025 14:01:56 +0000

Historical Search

This section is used to analyze the logs coming from each data source. You can find it under: LM > Analysis > Historical Search

Logs are stored in a database. When you need to search them, you can use operators such as “AND”, “OR” and “NOT” to filter the search results.
You can choose the host/asset from which you want to extract logs and set a time range. When “case sensitive” is active, the characters entered in the search bar are checked for upper and lower case.

 

Special characters (wildcards) can be used in requests, as in the SQL language.
In particular, the character ‘%’ represents an arbitrary number of characters, while the character ‘_’ represents a single character. For this reason, the string “Beatrice” can be represented as “Bea%c_”.
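The following added example (not SGBox code) shows how broadly a wildcard pattern matches. It translates the ‘%’ and ‘_’ wildcards described above into a regular expression and runs it over a constructed list of user names. It assumes the pattern is compared against a whole value, as SQL `LIKE` does, and that matching is case-insensitive unless “case sensitive” is enabled; the function names are hypothetical.

```python
import re

def like_to_regex(pattern, case_sensitive=False):
    """Translate a LIKE-style pattern ('%' = any run, '_' = one char) to a regex."""
    parts = []
    for ch in pattern:
        if ch == "%":
            parts.append(".*")           # arbitrary number of characters, including none
        elif ch == "_":
            parts.append(".")            # exactly one character
        else:
            parts.append(re.escape(ch))  # everything else is literal
    flags = re.DOTALL | (0 if case_sensitive else re.IGNORECASE)
    return re.compile("".join(parts), flags)

def like_match(pattern, value, case_sensitive=False):
    # Assumption: the whole value must match, as with SQL LIKE on a column.
    return like_to_regex(pattern, case_sensitive).fullmatch(value) is not None

def matching(pattern, values, case_sensitive=False):
    """Return the values selected by the pattern, in input order."""
    return [v for v in values if like_match(pattern, v, case_sensitive)]

# Constructed sample values, standing in for a user-name field extracted from logs.
USERS = ["Beatrice", "beatrice", "Beatrix", "Beach", "Beatrice2", "Beacon"]

if __name__ == "__main__":
    # "Bea%c_" selects "Beatrice" but also "Beach": '%' may match nothing at all.
    print(matching("Bea%c_", USERS))
    # With "case sensitive" active, "beatrice" is no longer selected.
    print(matching("Bea%c_", USERS, case_sensitive=True))
    # '_' is exactly one character, so "Beatrice2" is not selected.
    print(matching("Beatric_", USERS, case_sensitive=True))
```

A narrow pattern such as “Beatric_” keeps a hunt focused, while “Bea%c_” also returns unrelated values such as “Beach”, which matters when a search result feeds an investigation or a report.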
