Scheduled Searches

A Scheduled Search is a standard Log Search that you save and execute to run on a schedule. Once configured, Scheduled Searches run continuously, making them a great tool for continuously monitoring your stack.

Create a Scheduled Search

Learn how to add alerts and schedule search to run it at a regular scheduled time.

Create a Scheduled Search Email Alert

Learn how to create a Scheduled Search email alert.

Create a Scheduled Search Real-Time Alert

Learn how to create an alert to get notified in real-time when error conditions exist.

Edit or Cancel a Scheduled Search

Learn how to edit or cancel a Scheduled Search at any time.

Save to Index

Learn how to save the results to an Index after creating a Scheduled Search email alert.

Save to Lookup

Learn how to save the results of a Scheduled Search to a Lookup Table.

Generate Cloud SIEM Signals with a Scheduled Search

Learn how to create a Scheduled Search that will trigger a Cloud SIEM Signal.

FAQ

Review frequently asked questions about Scheduled Searches and troubleshooting tips.