Use Cases

Security Analytics Use Cases
Event correlation Use correlation rules to help identify and investigate potential issues across multiple systems.
Analyze custom logs: Create customized detection rules to help analyze data from custom log types.
Real-time detection: Detect adversarial actions in real time and notify security teams about potential threats.

Getting Started

To learn more about OpenSearch Security Analytics and start exploring your event logs, visit About Security Analytics and Setting up Security Analytics in our documentation.