Search queries should be included in Enterprise Events API
6
votes
![](https://secure.gravatar.com/avatar/d2d1fcb12a6d487af9f47a98a423adcd?size=40&default=https%3A%2F%2Fassets.uvcdn.com%2Fpkg%2Fadmin%2Ficons%2Fuser_70-6bcf9e08938533adb9bac95c3e487cb2a6d4a32f890ca6fdc82e3072e0ea0368.png)
Thank you for your submission. However, this does not have enough demand in order to be prioritized.
We will reconsider with additional use cases.
-
Murakami Akihiko @ Marubeni IT Solutions commented
I also strongly do support this request.
When a malicious user tries to steal confidential information without being noticed by SIEM, he/she searches for some specific keyword to reach to the target document.
We need to detect those suspecious user who searches for those word.