VRadar Tutorial — Episode 16: Search Logs

May 12, 2026
1:03

In this episode, you'll learn to search log records. Open the Logs tab. VRadar stores every raw log from Wazuh agents in ClickHouse, with ninety days of retention on the STANDARD plan and three hundred sixty-five days on the ADVANCED plan. The search bar at the top lets you query by keyword, regex, or specific fields such as host, source IP, or rule ID. The time range runs from Last 1 hour to Custom range. Results appear in a table with timestamp, host, rule, and message. Click a row to see the full raw log with field highlighting. This is the primary tool for threat hunting: finding attack signs not covered by rules, verifying false positives, or post-incident forensics. Queries return fast thanks to the ClickHouse columnar engine: millions of logs in under a second.

🌐 Sign up: https://vradar.io
📧 Support: [email protected]
📺 Playlist: VRadar Tutorial Series (English)

Tutorial series for VRadar — Vietnam's SOC SaaS platform. 18 episodes from login to post-quantum PQ-Agent install.

#VRadar #tutorial #SOC #cybersecurity #Wazuh #English
