Filter and Search Cloud SIEM List Pages
Search in Cloud SIEM
- Classic UI. In the main Sumo Logic menu, select Cloud SIEM.
  New UI. In the main Sumo Logic menu, select Cloud SIEM > Search Cloud SIEM. You can also click the Go To... menu at the top of the screen and select Search Cloud SIEM.
- Click in the Find Insights, Signals, Entities and more... search bar at the top of the page.
- Enter text to search.
- To filter, click the filter icon on the right side of the search box.
- Select a source to filter on.
- A dropdown list of filters appears for that source. Select a field to filter on, or pick a suggestion.
- Continue to select options to filter on from the options presented.
Search using regular expressions
You can also enter a search string or regex in the search bar and press Return to run a search. Note that Cloud SIEM's regular expression engine returns items that contain text matching the complete string: the engine implicitly adds anchors (^ and $) to the beginning and end of your regex.
Cloud SIEM search uses Elasticsearch. For regular expressions allowed for use in Cloud SIEM search, see Regular expression syntax in the Elastic documentation.
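The effect of the implicit anchors on a search, shown as an added example that is not part of the Sumo Logic documentation. It assumes Python's re.fullmatch as a stand-in for the anchored behavior, uses only operators common to both syntaxes (., *, |, parentheses), and the sample names and function names are constructed for illustration.

```python
import re

# Constructed sample values standing in for Insight or Signal names
# (not real Cloud SIEM data).
SAMPLE_NAMES = [
    "Initial Access",
    "Initial Access with Persistence",
    "Lateral Movement",
    "Unspecified Malicious Activity",
]


def anchored_search(pattern, values):
    """Emulate the implicit ^...$: keep only values the pattern matches in full.

    Assumption: re.fullmatch approximates the anchoring described above;
    it is not the Elasticsearch engine itself.
    """
    rx = re.compile(pattern)
    return [v for v in values if rx.fullmatch(v)]


def contains_pattern(fragment):
    """Wrap a fragment so it still behaves as 'contains' once anchored.

    The parentheses matter: without them an alternation such as
    Access|Movement would bind to only one of the surrounding .* parts.
    """
    return ".*(" + fragment + ").*"


if __name__ == "__main__":
    # A bare fragment finds nothing, because it must match the whole value.
    print(anchored_search("Initial", SAMPLE_NAMES))
    # A trailing .* lets the pattern cover the rest of the value.
    print(anchored_search("Initial.*", SAMPLE_NAMES))
    # A wrapped alternation matches the fragment anywhere in the value.
    print(anchored_search(contains_pattern("Access|Movement"), SAMPLE_NAMES))
```

If a regex search returns nothing for a fragment you can see on the page, check whether the pattern covers the entire value before assuming the data is missing.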
You can use not to search for items that do not contain a particular keyword, for example: not:Initial Access