In July, we provided a rundown of what was new in InsightIDR, our cloud-based SIEM tool, from the first half of 2020 (check out the blog post here for a recap). We’ve released some pretty great features and updates since then, so we thought it was time for another recap! This post offers a closer look at some of the recent updates and releases in InsightIDR from Q3 2020.
LEQL Multi-groupby
We’ve made many updates to InsightIDR’s Log Search capabilities this past year. Our latest addition, LEQL Multi-groupby, allows customers to group by multiple fields in their log data searches. With LEQL multi-groupby, you can get a more detailed view into your log data by grouping up to five fields in one single query, which reduces the number of queries they need to run in multiple tabs and makes their searches more efficient.
For example, now you can see failed logins by user and service and asset, network traffic by country and application, virus alerts by asset and risk, and so much more. Check out our recent blog for more information on LEQL multi-groupby.
Custom Alert Automation with new InsightConnect integration
Attacks happen fast—your response should, too. This is why InsightIDR, Rapid7’s cloud SIEM, integrates seamlessly with InsightConnect, Rapid7’s Security Orchestration, Automation, and Response (SOAR) solution, to eliminate manual processes and accelerate teams’ response to threats.
Joint customers of InsightIDR and InsightConnect have been able to kick o ..
Support the originator by clicking the read the rest link below.
