added

Insight to Action: Create Monitors & Workflow Rules Directly in Explorer

🌟 New Feature Alert 🌟

You can now create a Monitor or add a Rule directly to a Workflow from an active search filter in Event Explorer.

What's New?

  1. From Event Explorer, users can investigate specific activity and build a search query to identify suspicious behavior.
  2. With a single click, users can then:
    1. Turn the query into a Monitor
    2. Add the query as a Rule to a Workflow
  3. This creates a seamless path from investigation to action, without leaving Event Explorer.

Turn your search query into a Monitor or Workflow Rule with one click in Event Explorer

Why Does This Matter?

  1. Closes the loop between detection and prevention, enabling faster response to suspicious activity.
  2. Strengthens interoperability between Explorer, Monitors, and Workflows, demonstrating a full lifecycle from investigation to automated response.
  3. Reduces friction for analysts by letting them act directly on insights as they discover them.