Create a Search
Select > .
When creating a search, you can use the default values for the fieldset, time range of data to search, and some additional settings or specify your preferred settings. Alternatively, you can load a saved query, criteria, or dataset.
If you tend to use the same settings for some search parameters, you might want to configure your preferred default setting. For example, you can configure a default time range. To use the same search query or search criteria for multiple searches, you should save it. You can also save the results of an executed search and configure a default expiration time for searches. By default, session searches expire after 24 hours of inactivity and saved searches after seven days. Search truncates long queries, displaying … to indicate additional content. To see the entire query, you can pin the input field.
If you do not have Real-time Threat Detection Service in your ArcSight SaaS environment, then you can create only one type of search in UI which corresponds to fixed-time search.