Expand possible event detail fields for use as query filters

bradomski · August 19, 2025, 11:25am

What is a one sentence summary of your feature request?

More Event Details fields in query filtering

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

When creating a new investigation, not all fields visible in the event details are available for use as filters in creating queries.

For example its not possible to query over:
Originating Client Protocol, Client IP, Host IP and more.

How do you currently solve the challenges you have by not having this feature?

Was not able to find workaround for lack of this functionality.

kevin.joyce · August 29, 2025, 6:12pm

Hi Bartłomiej! Thanks for joining the community.

Can you just verify which version of the product you are on? Also, you included the three fields as examples - are there others you could see yourself wanting or needing to query?

Thanks!

Topic		Replies	Views
Column Customization in Event Details Section of Investigation Reports Ideas under-review , ideas , investigation-reports	2	48	April 25, 2025
"Does not contain" filter in Search Ideas completed , ideas	5	125	February 2, 2026
Show Events Details in Reports - Expected vs Actual with changes highlighted Ideas already-exists , ideas	1	49	May 27, 2025
Use AI to Investigate Threats with Netwrix Threat Manager News threat-manager , announcement , mcp , product-update	0	66	November 13, 2025
Nested Filtering Ideas new , ideas	2	31	February 24, 2026

Expand possible event detail fields for use as query filters

What is a one sentence summary of your feature request?

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

How do you currently solve the challenges you have by not having this feature?

Related topics