Raw Log Search Data Visualization

Enhancing usability and accuracy for cybersecurity investigations by redesigning the unprocessed data search experience.

Visual Artifact 1: The redesigned Raw Log Search main interface

Project Context

Arctic Wolf Networks offers cybersecurity services to businesses, including Raw Log Search, a product currently grappling with usability issues. Our project aims to enhance customer satisfaction and retention for Raw Log Search by investigating design solutions that improve the user experience.

What is a Raw Log Search?

A raw log is an unprocessed file with event records, encompassing data like errors, access logs, and debugging info. The Raw Log Search tool helps customers sift through this data using keywords or preset examples, enhancing query accuracy.

“Raw Log Search allows customers to look at their unprocessed data — none of this data is enriched so it’s a giant text file.”
Marcus Russell, Senior Product Owner @ Arctic Wolf

Problem Definition

The Raw Log Search is plagued by a number of issues, including poor usability, a lack of user knowledge concerning the most efficient search methods, and the need to access multiple products. These factors all contribute to a significant level of friction.

Problem areas

  • Low Usage Rate: Not many customers currently use this tool.
  • Hidden Accessibility: Hidden within multiple tabs, making it hard to find.
  • High Costs: Inefficient research patterns incur unnecessary expenses.

“How might we make the Raw Log search more intuitive to use?”

Existing Design Audit
Visual Artifact 2: Audit of the existing Raw Log Search design and its usability issues

Competitor Analysis

To enhance usability and functionality, a competitor analysis was undertaken, focusing on industry leaders like Rapid7 and CrowdStrike. The findings highlighted that Arctic Wolf's Raw Log Search was less developed than these industry-leading competitors' offerings.

Visual Artifact 3: Competitor analysis of industry standard interfaces (Part 1)
Visual Artifact 4: Competitor analysis of industry standard interfaces (Part 2)

Low-fi Wireframe Iterations

We developed distinct design ideas to address the problem space. Iteration focused on organizing search ribbons and managing technical filter density.

Iteration 1: Unified Ribbon

Features a user-friendly search ribbon organized cohesively in a single row, unlike the original multi-row layout.

Visual Artifact 5: Wireframe Iteration A - Focusing on a unified search ribbon

Iteration 2: Filter Integration

Concentrated on strategies to integrate diverse technical filters without cluttering the interface.

Visual Artifact 6: Wireframe Iteration B - Exploring filter density and layout

Refining the Investigation Tool

Detailed Design Decisions
Visual Artifact 7: Key design decisions for the final interface
  1. Sub Navigation: Consistency with other product pages.
  2. Case Sensitivity: Positioned prominently below the search input to reduce missed states.
  3. Adjustable Histogram: Enables precise navigation to desired results.
  4. Help Documentation: Integrated guidance for faster results.
  5. Support Text: Helpful cues for technical input requirements.
  6. Clear Actions: Distinguishable primary and secondary actions.
  7. Hide Histogram: Option to declutter the interface when necessary.

The Finished Experience

The final solution delivers a high-performance search experience that balances power with ease of use.

Final High-Fidelity Design
Visual Artifact 8: The final high-fidelity design for Raw Log Search

Project Reflections

The revised Raw Log Search design was developed in early 2023. This project provided significant learning experiences in terms of working with design systems and successfully executing an end-to-end project at scale.