Use the Dashboard > Threats > Event Details page to research suspicious activity incidents. The page can show incidents related to:
If a user agent header was captured for the incident, the User Agent String field includes a link that you can use to Search for other instances of the user agent. Click the link to see results on the Search tab of the Reporting > Applications page. See
Application reporting for more information about application reports and user agents.
To export event information to a CSV file, click Export in the toolbar at the top of the content pane. All threat-related events logged in the selected
time period are exported; not just those for the user, IP address, hostname, or severity level currently displayed on the page.