Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Working with the investigations list

Written by
Updated at April 27, 2026

Note

This feature is in the Preview stage. To get access, contact tech support or your account manager.

This section describes how to work with the investigations list: filter investigations by date, search by name and tags, and sort by modification date.

Getting started

The Yandex SIEM section will appear in the Cloud Center interface as a Security Deck module after the access request is approved.

You need the ycem.editor role to use the service.

Opening the investigation list

To open the investigation list:

  1. Go to Security Deck.
  2. In the left-hand panel, select Yandex SIEM.
  3. Navigate to the Investigations tab.

The list displays all investigations for which you have access permissions.

Filtering by creation date

To filter investigations by creation date:

  1. Navigate to Investigations.
  2. Click the date filter.
  3. Select a period:
    • Certain date.
    • Date range.
  4. Apply the filter.

The list will refresh to only show investigations created within the selected period.

To find an investigation:

  1. Navigate to Investigations.
  2. Enter your keywords in the search field.
  3. The results will be displayed automatically.

The system will search for keywords in the following fields:

  • Investigation name.
  • Investigation description.
  • Tags.

Tip

Use tags for quick category-based searches, e.g., prod, security-incident, february-2024.

Sorting by modification date

To sort investigations:

  1. Navigate to Investigations.
  2. Click the Modified column header.
  3. Select the sort order:
    • Ascending, i.e., from oldest to newest.
    • Descending, i.e., from newest to oldest.

By default, investigations are sorted by modification date in descending order.

Viewing investigation information

The investigations list displays the following details for each investigation:

  • Name: Brief description of the investigation's purpose.
  • Creation date: Timestamp when the investigation was created.
  • Last modified date: Timestamp of the most recent modification.
  • Tags: Keywords to group and search for investigations.

To open an investigation, click its name in the list.

See also

Previous
Investigation management
Next
Overview