Overview: Events Feature

A vast amount of events occur in your infrastructure every single second. The Threat Stack Cloud Security PlatformⓇ (CSP) helps you view, organize, and find events of interest to your security concerns within this array of information.

To assist you in this work, the Events tab contains the following information:

  1. All Raw Events tab – Displays every single event ingested by the Threat Stack CSP within the specified date range. For more information, see All Raw Events Tab.

    Note

    The Threat Stack CSP retains events for three days. Events that trigger an alert are retained for 365 calendar days.

  2. My Event Queue tab – Displays any event you select for further review. For more information, see My Event Queue Tab.
  3. Search for Events – A variety of criteria you can use to search for and display selected events. For more information, see Search for Events.

EventsTabSections.png

What Events Does the Threat Stack CSP Ingest?

  • Audit
  • CloudTrail
  • File Integrity Monitoring (FIM)
  • Kubernetes Audit
  • Kubernetes Configuration
  • Linux Host
  • Login
  • Threat Intelligence (ThreatIntel)
  • Windows Host

Related Articles

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request