Search across all sources
- Full-text search with a single open standard query language (KQL) across cloud, third-party SaaS, and on-premises environments
- With the familiar OpenSearch Dashboards interface, you can quickly search all your data in your security data lake with the flexibility you are used to from Elasticsearch
Fast, scalable
- Unlimited compute on demand for consistent performance regardless of load and number of concurrent users
- Search optimization assures fast context-based search across large data volumes
Zero operations
- You can have OpenSearch Dashboards for monitoring any type of logs—Security and Operational
- We provide an easy way to collect logs, as well as integrate to any of your existing log collection systems
KQL + Cloud Scale Data Lake = Magic
We give you a whole new search experience by combining the best aspect of OpenSearch, KQL, and the leading cloud scale data platform, Snowflake. You have fast access to all your data in one seamless data cloud where all your data is hot.
- Your new service is delivered pre-configured and ready to go on all your data with fast and near-infinite performance, concurrency, and scale. There are no concurrency limitations and performance is consistent no matter the volume of data or how heavy the query load
- Available on AWS, Azure, and Google Cloud Platform, load from storage containers or load directly from cloud and on-premises sources
- As a fully managed solution, there is no operational overhead
How to search on a security data lake
- Interactively search and explore your data with a pre-defined index pattern by simply entering your search criteria in the Query Bar
- Use Kibana’s standard query language, KQL, which features autocomplete and a simple, easy-to-use syntax query language
- Interactively explore your data and analyze your data in charts, tables, gauges, tag clouds, and more with the pre-configured index pattern
- The histogram, documents table, and fields list are updated to reflect the search results when submitting a search request
- The total number of hits, or matching events, is shown in the toolbar
- Sort the table in either chronological order or by the values in any indexed field
