From ed404569e0b42cb3f8e9638854a2ee58c93cb700 Mon Sep 17 00:00:00 2001 From: Benjamin Ironside Goldstein Date: Thu, 5 Mar 2026 14:29:51 -0800 Subject: [PATCH 1/2] Update advanced entity analytics documentation structure - Replaced the "Explore" section with a direct link to the new "Explore" page in the advanced entity analytics documentation. - Adjusted the hierarchy of the "hosts", "network", and "users" pages to improve organization and accessibility within the documentation. --- .../security/advanced-entity-analytics.md | 6 +----- .../advanced-entity-analytics/explore.md | 21 +++++++++++++++++++ solutions/toc.yml | 12 ++++++----- 3 files changed, 29 insertions(+), 10 deletions(-) create mode 100644 solutions/security/advanced-entity-analytics/explore.md diff --git a/solutions/security/advanced-entity-analytics.md b/solutions/security/advanced-entity-analytics.md index a7d0daf156..daf8710a1e 100644 --- a/solutions/security/advanced-entity-analytics.md +++ b/solutions/security/advanced-entity-analytics.md @@ -23,8 +23,4 @@ Entity analytics provides the following key capabilities: * {applies_to}`serverless: ga` {applies_to}`stack: preview 9.1-9.2, ga 9.3+` [](/solutions/security/advanced-entity-analytics/privileged-user-monitoring.md) -To learn about how you can explore your host, user, and network data, refer to: - -* [](advanced-entity-analytics/hosts-page.md) -* [](advanced-entity-analytics/network-page.md) -* [](advanced-entity-analytics/users-page.md) \ No newline at end of file +To learn about how you can explore your host, user, and network data, refer to [Explore host, user, and network data](advanced-entity-analytics/explore.md). \ No newline at end of file diff --git a/solutions/security/advanced-entity-analytics/explore.md b/solutions/security/advanced-entity-analytics/explore.md new file mode 100644 index 0000000000..86a6a1f39b --- /dev/null +++ b/solutions/security/advanced-entity-analytics/explore.md @@ -0,0 +1,21 @@ +--- +navigation_title: Explore +applies_to: + stack: all + serverless: + security: all +products: + - id: security + - id: cloud-serverless +--- + +# Explore host, user, and network data [explore-entity-data] + +{{elastic-sec}} provides dedicated pages for exploring host, user, and network data within your environment. Each page offers key performance indicator (KPI) charts, interactive widgets, and data tables that let you view specific data, drill down for deeper insights, and investigate events using Timeline. + +Use the following pages to explore your security data: + +* [**Hosts**](hosts-page.md): View host metrics, events, anomalies, risk scores, and sessions. Drill into host details for comprehensive information about individual hosts in your environment. +* [**Users**](users-page.md): Review user authentication events, anomalies, and risk scores. Drill into user details to understand individual user activity and behavior. +* [**Network**](network-page.md): Analyze network activity using an interactive map and data tables for events, flows, DNS queries, HTTP requests, and TLS handshakes. + diff --git a/solutions/toc.yml b/solutions/toc.yml index b56924d5a1..f2b7a774f8 100644 --- a/solutions/toc.yml +++ b/solutions/toc.yml @@ -750,12 +750,14 @@ toc: - file: security/advanced-entity-analytics/privileged-user-monitoring-requirements.md - file: security/advanced-entity-analytics/privileged-user-monitoring-setup.md - file: security/advanced-entity-analytics/monitor-privileged-user-activitites.md - - file: security/advanced-entity-analytics/hosts-page.md - - file: security/advanced-entity-analytics/network-page.md + - file: security/advanced-entity-analytics/explore.md children: - - file: security/advanced-entity-analytics/configure-network-map-data.md - - file: security/advanced-entity-analytics/configure-dns-histogram.md - - file: security/advanced-entity-analytics/users-page.md + - file: security/advanced-entity-analytics/hosts-page.md + - file: security/advanced-entity-analytics/network-page.md + children: + - file: security/advanced-entity-analytics/configure-network-map-data.md + - file: security/advanced-entity-analytics/configure-dns-histogram.md + - file: security/advanced-entity-analytics/users-page.md - file: security/asset-management.md - file: security/security-serverless-feature-tiers.md - file: security/apis.md From 67544d7429247dc71dd020cd78f2551d244fe676 Mon Sep 17 00:00:00 2001 From: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> Date: Thu, 5 Mar 2026 17:04:33 -0800 Subject: [PATCH 2/2] Update solutions/security/advanced-entity-analytics.md --- solutions/security/advanced-entity-analytics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/security/advanced-entity-analytics.md b/solutions/security/advanced-entity-analytics.md index daf8710a1e..3b47d16b63 100644 --- a/solutions/security/advanced-entity-analytics.md +++ b/solutions/security/advanced-entity-analytics.md @@ -23,4 +23,4 @@ Entity analytics provides the following key capabilities: * {applies_to}`serverless: ga` {applies_to}`stack: preview 9.1-9.2, ga 9.3+` [](/solutions/security/advanced-entity-analytics/privileged-user-monitoring.md) -To learn about how you can explore your host, user, and network data, refer to [Explore host, user, and network data](advanced-entity-analytics/explore.md). \ No newline at end of file +To learn about how you can explore your host, user, and network data, refer to [Explore](advanced-entity-analytics/explore.md). \ No newline at end of file