wazuh guide for event search

[Gary Woodard]

Is there a guide for searching for data such as source networks or agent groups? Can I save the view on the event page? 

[Jesus Linares]

Hi,

Wazuh dashboard is based on Opensearch Dashboards, and here you can find a guide about the query language: https://opensearch.org/docs/latest/dashboards/dql/.

You can create your own searches. Go to "Discover", configure your search (filters, columns, etc) and click on the top corner button "save".

I hope it helps.