Security Investigator

Latest Dynatrace

What you'll learn

  • Define and execute queries while combining functionalities.
  • Search for relevant log information.
  • Grasp structured information from log records.
  • Extract fields and get instant feedback on patterns.
  • Track your path, navigate to previous steps, view your investigation history.
  • Define the time range for your data queries.
  • Attach relevant findings as evidence, while preserving the investigation context.
  • Collaborate with peers on threat hunting with controlled access.
  • Interact with compatible apps for further insights.

Target audience

While Dynatrace Security Investigator is primarily designed for security investigations, it's highly effective in conducting any detailed, evidence-driven investigation, no matter the field or nature of the inquiry.

Key use cases include:

  • Incident response
  • Root cause analysis
  • Threat hunting
  • Fraud analysis and investigations
  • Data forensics

Our diverse audience includes everyone involved in evidence-driven investigations, from security analysts and SREs to DevOps engineers and internal auditors handling major fraud investigations on large-scale events.

Security Investigator is designed to streamline evidence-driven investigations on data in Grail by:

  • Eliminating manual, repetitive tasks

  • Providing contextual enrichment without tool-switching

  • Offering fast, detailed access to your data

  • Enhancing user experience for quick issue identification

It features assisted functionalities and automations to expedite and support investigation resolution, leveraging logs, metrics, and traces ingested into Grail.

  • View your whole investigation flow as you go along, with the ability to always jump back to the previous step of the investigation.
  • The detailed view of a record shows all record fields at once; you can drill down to the details of a field or move between records.
  • Use the data in results with character precision: you can create new evidence of DQL filters by selecting a portion of the field.
  • Manipulate evidence and filter with multiple values at once: you can select a range of IPs and create a DQL filter based on the values.

To get started and create your first investigation scenario, open Security Investigator and select Add Case.

Try Security Investigator and share your feedback to help us improve.

Learning modules