Advanced data analytics

[martinscheu]

What would you like to add or change?: Certain Checks give high level information to the analyst, e.g. scan detected:

To further investigate what / who scanned the host, it would be very helpful to have the search query for historical flow automatically generated. I click on "Action/Historical" and I see all flows which triggered above alerts.

thanks.

Why do you and others need this?: