:

Search the Trail Flow Manually

To filter events that match specific character strings or patterns, you can type an expression in the search box to refine results using the Boolean operators *, AND, and OR. You can encapsulate OR statements with parentheses to modify search priority. The search looks for any specific value in an Active Directory attribute.

To search the Trail Flow manually:

In Tenable Identity Exposure, click Trail Flow to open the Trail Flow page.
In the Search box, type a query expression.
You can filter the search results as follows:
- Click on the Calendar box to select a start date and an end date.
- Click on n/n Domains to select forests and domains.

Click Search.

Tenable Identity Exposure updates the list with the results matching your search criteria.

Tip: To search using other criteria, you can Search the Trail Flow Using the Wizard

Example:

The following example searches for:

Deactivated user accounts that can endanger monitored AD infrastructures.
Suspicious activities and anomalous account use.

Copyright © 2024 Tenable, Inc. All rights reserved. Tenable, Tenable Nessus, Tenable Lumin, Assure, and the Tenable logo are registered trademarks of Tenable, Inc. or its affiliates. All other products or services are trademarks of their respective owners.