Pivots Introduction

Pivots are the main building block for investigations. Each connector, such as HTTP and Splunk, comes with base pivots for actions like searching, expanding upon previous results, and enriching existing results. Each pivot builds out the graph, and its results are formatted based on the system ontology. Pivots can be run and chained together on-the-fly, saved for automation templates, and customized for streamlined use.

Pivots are built for flexible use by advanced users without requiring low-level coding. At the same time, they can be difficult for new and occasional users, so we encourage creating custom pivots tuned for common tasks.

