Viewing the Event details panel

To view the Event details panel, follow these steps.

How to display the event details panel

1. In the FortiDLP Console, on the left-hand sidebar, click .
2. Optionally, to filter events by using the search bar and/or a time range, see Performing Investigate searches.
3. Do one of the following:
   • To view the panel from the Event streams tab:
     1. Click the relevant event stream.
     2. Select the Events tab.
     3. Select the table row of the event.
   • To view the panel from the Activity feed tab:
     1. Select the Activity feed tab.
     2. Select the table row of the event.

The Event details panel displays.

4. Optionally, do the following:
   • To add the event to a case, click Add to case and add the event to a new or existing case. For more on cases, see Cases.
   • To filter the events by a specific value on the page or view more information about a value, click the value and then click the relevant context box button.

   The following list summarizes the buttons that display: Filters the current page for events with the same value. Filters the current page for events without the value. Copies a value to your clipboard. Displays more information about a value. Displays a submenu containing the following options: Filters by a value within the Users module. Filters by a value within the Nodes module (if selected from a user's context box) or takes you to the Node profile page (if selected from a node's context box).

   • To filter the page for events occurring before, after, or around the same time as an event in the table, click the timestamp and set your preferred time range.

   For example, selecting 10 minutes and the Around menu option would filter for events occurring during the 10 minutes before the timestamp and the 10 minutes after the timestamp.