データエクスプローラ license options

データエクスプローラ is a licensed Managed Detection and Response(MDR) add-on that lets you search analyzed event data. Each license option controls what data is available and whether you can access additional reporting features.

The Arctic Wolf® 統合ポータル includes several reporting features that are based on analyzed events. These events are generated as part of the Arctic Wolf MDR service. In データエクスプローラ, you can search all analyzed events over a specific time period. Data availability is based on your current license.

Note: Your データエクスプローラ license affects 統合ポータル features outside of データエクスプローラ. For example, the time range options that appear in home page widgets and dashboards.
A full データエクスプローラ license has one of these data availability options: 14 days, 30 days, or 90 days. A full license grants you the ability to:
  • View observations related to an analyzed event — For more information, see Observation pipeline.
  • Create custom alerts — This feature lets you create custom alerts for scheduled データエクスプローラ query runs. For more information, see Saved queries and custom alerts.
  • Search raw logs — In the 生ログ検索 interface, you can search through the raw logs ingested by Arctic Wolf for security monitoring. Data availability is based on your data retention policy.

データエクスプローラ Lite grants limited access to search analyzed data generated over the last three days.

Feature データエクスプローラ Lite 14-day license 30-day license 90-day license

Data Explorer

Included

Last 14 days

Last 30 days

Last 90 days

Dashboards

Included

Included

Included

Included

Custom alerts

Not included

Included

Included

Included

生ログ検索 access

Not included

Included

Included

Included