Our search capabilities give you the ability to quickly find events matching certain criteria.
You'll notice the Search field above the Events list. This is where you'll enter your search query. (Tip - Search for incidents on the Incidents tab and assets on the Assets tab in a similar way.)
Start typing and we'll show you the event properties you can search like actor process, asset hostname, profile name, etc. Select the one you're interested in.
Now enter the value you want to match, and click Search. That's it! Your matches will appear in your events list.
Note that date range for searching events should be less than or equal to 365 Days. That date range can be any year to any year, but difference between total number of days should be less than or equal to 365 days.
See also: How to search | Group by options
Tip - Use your queries to create dashboard widgets on the Dashboards tab.