Records, Signals, Entities, and Insights
Learn about Insight generation, working with Entities, and how to query CSE Records.
In this section, we'll introduce the following concepts:

Insight Generation Settings
Learn how to configure the detection window and the threshold Activity Score for Insight generation.

Global Intelligence for Security Insights
Learn how to triage and prioritize Insights.

Custom Insights
Learn how to set up Custom Insight configurations.

View and Manage Entities
Learn about all the Entities in CSE and their Activity Scores.

Entity Criticality
Learn how to adjust the severity of Signals for specific Entities.

Custom Entity Types
Learn how to create custom Entity types in CSE.

Entity Groups
Learn how to automatically group entities in terms of criteria like name or IP Address.

Entity Lookup Tables
Learn how to normalize the names of users and hosts (machines) in your environment.

View Records for a Signal
Learn how to view Records associated with a Signal in CSE.

Signal Suppression
Learn about ways to suppress and exclude CSE Signals from the Insight generation process.

Search Sumo Logic for CSE Records
Learn to search the Sumo Logic platform for Records and Signals that have been forwarded from CSE.

Using Tags
Learn how to add context to CSE items, and search and filter items by tag.