Best way to search for vulnerabilites from previous reports

Nathan Dilgard

• March 28, 2019 14:45

Hi there,

I'm pretty new to using Alert Logic and was wondering what is the best way to use the search function to search for vulnerabilities that have shown up in previous reports? Also, any tips and tricks on how to use the search function would be greatly appreciated as well.

Yes 0 No

• Official comment

  

  Abby Kincer

  • April 03, 2019 14:38
  • Edited

  Nathan - thanks so much for reaching out. I'm not positive whether you're referring to log search or Cloud Insight and/or scan-discovered host vulnerabilities, so here's information for both!

  Cloud Insight is configured to run daily host scans to report on discovered vulnerabilities in an AWS environment. The results of these scans can be found under Remediations in the Alert Logic console. Reports can be run against these findings at Reports > Vulnerabilities. Here's some documentation to help you navigate the console:

  • Remediations
  • Reports

   

  Cloud Defender also scans, and these can be configured and viewed at Overview > Dashboard > Scans. Reports can also be run against these discovered vulnerabilities at Reports > Scheduled > Vulnerability Reports. Another resource for you:

  • Scan types

   

  Under Search, you can perform searches against all system logs sent to us and any events discovered by our threat management service. Search resources:

  • OmniBox Log Search

   

  Tips and tricks on using search:

  • Search Assistant Projections
  • Create Complex Log Searches
  • Examples of Common Log Message Searches

   

  I also recommend that you review this Knowledge Base section on the Alert Logic Console Overview and that you take advantage of our product training videos!

  There's a lot to unpack here, but hopefully it will help you better understand our search capabilities! Please let me know if you have any additional questions.

Please sign in to leave a comment.