lhs-panel Click here to expand


  • The Incident workbench is Eventlog Analyzer's investigation console that unifies analytics of the core entities such as users, processes, and threat sources.
  • This feature facilitates users to add, compare, and analyze data with enriched integrations like UEBA and Advanced Threat Analytics.
  • Utilize the contextual assesment with risk based profiling, conduct faster root cause analysis by probing the process trees, and minimize the overall time taken to investigate and resolve threats.



Here are the entities you can analyze using Incident Workbench:

  • Users

    Analytics offered: ML-based user activity and risk score data compiled through UEBA integration from Log360's suite.

  • Process

    Analytics offered: Process hunting tree with parent-child relationships and event timeline.

  • Threat sources

    Analytics offered: Risk analysis from security vendors using Advanced Threat Analytics integration.

Access and usability:

  • Access: Incident workbench can be invoked from multiple dashboards of EventLog Analyzer such as reports, log search, compliance, alerts, and more.
  • Users can add upto 20 tabs in a single instance of the Incident Workbench and save it to an existing incident or create a new incident.

Copyright © 2020, ZOHO Corp. All Rights Reserved.

Get download link