Data Explorer license options
Data Explorer is a licensed Managed Detection and Response (MDR) add-on that lets you search analyzed event data. Each license option controls what data is available and whether you can access additional reporting features.
The Arctic Wolf® Unified Portal includes several reporting features that are based on analyzed events. These events are generated as part of the Arctic Wolf MDR service. In Data Explorer, you can search all analyzed events over a specific time period. Data availability is based on your current license.
- View observations related to an analyzed event — For more information, see Observation pipeline.
- Create custom alerts — This feature lets you create custom alerts for scheduled Data Explorer query runs. For more information, see Saved queries and custom alerts.
- Search raw logs — In the Raw Log Search interface, you can search through the raw logs ingested by Arctic Wolf for security monitoring. Data availability is based on your data retention policy.
Data Explorer Lite grants limited access to search analyzed data generated over the last three days.
| Feature | Data Explorer Lite | 14-day license | 30-day license | 90-day license |
|---|---|---|---|---|
| Data Explorer | Included | Last 14 days | Last 30 days | Last 90 days |
| Dashboards | Included | Included | Included | Included |
| Custom alerts | Not included | Included | Included | Included |
| Raw Log Search access | Not included | Included | Included | Included |