Feature #7706
openUsers should be able to choose which information about events should be displayed in the event search
0%
Description
Now there are fixed fields displayed in the event search (detected at, sources, severity, category, detector and abuse group). But it could be useful to allow users to choose which fields (e.g. description, port, protocol) should be displayed there instead - this could be helpful when searching for something specific, that cannot be specified through our form.
Based on input from Pavla Hlučková.
Example use case: I want to see description (or other field not displayed there by default) of the searched events without needing to open them all, which could save a lot of time and clicks.
Related issues
Updated by Jakub Judiny 9 months ago
- Related to Feature #7707: All fields in search form should have negations added
Updated by Jakub Judiny 3 months ago
Another possible use case: When user is trying to search events based on target fields such as target class, only source IP addresses will be displayed in the show view, which is not very useful when user is concerned with targets.
Updated by Pavel Kácha 3 months ago
Note: In RT#1274769 wish for target ports and services visible on search results was mentioned.