Run an analyzed log search

Data Explorer allows you to search through analyzed logs from all ingested log sources. You can:

Before you begin

You must have a valid Data Explorer license.
For more information, see Data Explorer license options.

Sign in to the Arctic Wolf Unified Portal.
In the navigation menu, click Data Exploration > Data Explorer.
Optional: In the Date Range fields, click Calendar to select a time range.
In the Load Query (Optional) list, select a preset or saved custom query.

Tip: Preset queries are included with Data Explorer and cannot be edited. Saved queries are defined by users in your organization. If you select a saved query from the Load Query (Optional) list, the View Settings option will appear.

After selecting a query from the Load Query (Optional) list, predefined values are added to the Query Builder.
Click Run Query .
Optional: Complete any of these actions:

Sign in to the Arctic Wolf Unified Portal.
In the navigation menu, click Data Exploration > Data Explorer.
Optional: In the Date Range fields, click Calendar to select a time range.
In the Query Builder section, use operators to define a dataset.
For more information, see:
- Query Builder
- Data Explorer fields
Tip: You can start by loading a predefined query into the Query Builder. In the Load Query (Optional) list, select a predefined query. Then, modify the query as desired.
Click Run Query .
Optional: Complete any of these actions: