Security Investigator
Latest Dynatrace
Dynatrace Security Investigator is built for security analysts and designed for threat hunting, incident resolution, and root cause analysis. It provides assisted functionality and automation to speed up and support investigations, and supports evidence-driven security use cases based on logs, metrics, and traces ingested into Grail.
Although Security Investigator is dedicated to security analysts, it can benefit anyone performing data-driven investigations, including DevOps engineers, fraud investigators, or risk control personnel.
Get started
Create your first investigation scenario.
Execute queries
Define and execute queries while combining functionalities.
Filter logs
Search for the relevant information in the logs.
Enhance results display
Grasp information from your log records in a structured and viable way.
Extract fields with DPL Architect
Extract fields from complex data and get instant feedback on your patterns without the need to re-execute queries.
Navigate the query tree
Track your path, navigate to previous steps, and get a comprehensive overview of your investigation history.
Define timeframes
Define the period from which your data is being queried.
Manage evidence
Keep track of relevant findings by attaching them to your case as evidence for later use, while preserving the investigation context.
Share cases
Collaborate with peers when hunting threats: keep them up to date and enable joint editing, while staying in control of the access provided.
Collaborate with other apps
Interact with other compatible apps at any time for further insights.