Scheduled Searches

Scheduled searches are standard saved searches that are executed on a schedule you set. Once configured, scheduled searches run continuously, making them a great tool for continuously monitoring your stack.

Schedule a Search

Learn how to add alerts and schedule search to run it at a regular scheduled time.

Create an Email Alert

Learn how to create a scheduled search email alert.

Create a Real-Time Alert

Learn how to create an alert to get notified in real-time when error conditions exist.

Edit or Cancel a Scheduled Search

Learn how to edit or cancel a scheduled search at any time.

Receive Email Alerts from Scheduled sources

Learn how to set up and receive email alerts about scheduled searches.

Generate CSE Signals With a Scheduled Search

Learn how to create a scheduled search that will trigger a Cloud SIEM Enterprise (CSE) Signal.

Run a Search from an Alert Email

Learn how to receive an email created by an email alert in a scheduled search.

Save to Index

Learn how to save the results to an Index after creating a scheduled search email alert.

Save to Lookup

Learn how to save the results of a scheduled search to a Lookup Table.

FAQ

Review frequently asked questions about scheduled searches and troubleshooting tips.