Get started with Security Investigator
To get started with Security Investigator, follow the instructions below.
Prerequisites
-
Dynatrace version 1.288+
-
Basic knowledge of
-
Permissions: For a list of permissions required, go to Dynatrace Hub
, select Security Investigator 
, and display Technical information. -
To investigate ingested logs, you need to set up log ingestion.
Get started
To create an investigation scenario, select 
Case.
Each scenario corresponds to a case. Once you create a case, you can build, rename, or delete it; switch between cases (all your changes are automatically saved); or share it with others.
-
You can create an unlimited number of investigation scenarios.
- Example scenario: Threat hunting and forensics
-
You can create a maximum of 100 nodes per case.
-
The maximum size of a case is 1 GB.
Go to the Security Investigator home page. Each case card contains information about the case size and number of queries.
Next steps
To learn how to use Security Investigator , see
Use cases
Further resources
For additional insights into Dynatrace Security Investigator , see
-
Dynatrace University tutorial:
Dynatrace Security Investigator