Skip to main content
Panther Knowledge Base

How can I find the total number of Panther alerts sent over a certain period of time?

  1. Last updated
  2. Save as PDF

QUESTION

How can I find the total number of Panther alerts sent over a certain period of time, i.e. between a given start and end date?

ANSWER

In the Panther Console, go to Investigate > Data Explorer, and run a query like the one below with your own date range. The following query counts all rule matches with unique alert IDs, with an example date range from May 1, 2023 to July 1, 2023. Please note that this will exclude all alerts after the very first minute of July 1, so if you want to include alerts that fired on July 1, you will want to expand it to ('2023-05-01', '2023-07-02').

SELECT count(distinct p_alert_id)
FROM panther_views.public.all_rule_matches
WHERE p_occurs_between('2023-05-01', '2023-07-01')

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.