Click here to expand


    • The Incident workbench is Eventlog Analyzer's investigation console that unifies analytics of the core entities such as users, processes, and threat sources.
    • This feature facilitates users to add, compare, and analyze data with enriched integrations like UEBA and Advanced Threat Analytics.
    • Utilize the contextual assesment with risk based profiling, conduct faster root cause analysis by probing the process trees, and minimize the overall time taken to investigate and resolve threats.



    Here are the entities you can analyze using Incident Workbench:

    • Users

      Analytics offered: ML-based user activity and risk score data compiled through UEBA integration from Log360's suite.

    • Process

      Analytics offered: Process hunting tree with parent-child relationships and event timeline.

    • Threat sources

      Analytics offered: Risk analysis from security vendors using Advanced Threat Analytics integration.

    Access and usability:

    • Access: Incident workbench can be invoked from multiple dashboards of EventLog Analyzer such as reports, log search, compliance, alerts, and more.
    • Users can add upto 20 tabs in a single instance of the Incident Workbench and save it to an existing incident or create a new incident.

    Don't see what you're looking for?


      Visit our community

      Post your questions in the forum.


      Request additional resources

      Send us your requirements.


      Need implementation assistance?

      Try onboarding

    Get download link