eqlplayground.io
2606:4700::6812:195e  Public Scan

URL: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solut...
Submission: On November 07 via manual from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

Events - administrador - Users - Explore - Security - Elastic

ADMINISTRADOR


Last event: Nov 6, 2024 @ 22:37:06.009

User ID: —
Domain: —
First seen: Oct 28, 2020 @ 08:30:44.000
Last seen: Nov 6, 2024 @ 22:37:06.009
Operating system: —
Family: —
IP addresses: —
User risk score: —
User risk level: —

--------------------------------------------------------------------------------



ALERTS BY SEVERITY


Open

Acknowledged

Closed

Critical

High

Medium

Low



ALERTS BY RULE


Columns: kibana.alert.rule.name, count


NO ALERTS TO DISPLAY




EVENTS





Showing: 0 events



