Security Investigator
Latest Dynatrace
Dynatrace Security Investigator 
is dedicated to security analysts and designed for threat hunting, incident solving, and root cause analysis. It provides assisted functionalities and automations to speed up and support investigation resolution, and supports evidence-driven security use cases based on logs, metrics, and traces ingested into Grail.
Overview
Get started
Create your first investigation scenario.
Execute queries
Define and execute queries while combining functionalities.
Filter logs
Search for the relevant information in the logs.
Enhance results display
Grasp information from your log records in a structured and viable way.
Extract fields with DPL Architect
Extract fields from complex data and get instant feedback on your patterns without the need to re-execute queries.
Navigate the query tree
Track your path, navigate to previous steps, get a comprehensive overview of your investigation history.
Define timeframes
Define the period from which your data is being queried.
Manage evidence
Keep track of relevant findings by attaching them to your case as evidence for later use, while preserving the investigation context.
Share cases
Collaborate with peers when hunting threats to keep them up-to-date and enable joint editing, while being in control of the access provided.
Collaborate with other apps
Interact with other compatible apps at any time for further insights.
Use cases
Threat hunting and forensics
Search for indicators of compromise (IoC) and perform forensic investigations and threat hunting activities.
Analyze AWS CloudTrail logs
Analyze CloudTrail logs and find potential security issues with Dynatrace Security Investigator.
Detect threats against your AWS Secrets
Monitor and identify potential threats against your AWS Secrets with Dynatrace Security Investigator.