Multi column search for Database Entity does not work on OS and some other columns in SEDR 4

Article ID: 192209

Products

Endpoint Detection and Response

Issue/Introduction

When performing an Entity search, you can add filters based on multiple fields. When you type a search query based on the OS of an entity, you notice that the query is changed to Multi Column:, but the search does not return any results.

Resolution

Currently, the only fields that can be searched on the Entity page, including with Multi Column, are the following:

entity:
disposition:
Enrollment:
file.name:
file.sha2:
file.md5:
data_source_url_domain:
data_source_url:
external_ip:
device_name:
device_ip:
user_name:
first_seen:
Endpoint State:
Online:
sepm_name:
sepm_ip:
sep_domain:
sep_group: