The SIEM app is now a part of the Elastic Security solution.
Click
here to view SIEM documentation for previous releases.
Investigate events
edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.
Investigate events
edit
This sections describes how to use timelines and the timeline graphical interface to investigate events.