Enterprise threat detection (ETD) typically collects and stores a large amount/large sets of log data associated with various systems (often referred to as “big data”) associated with an enterprise computing system. The stored data can be analyzed computationally using forensic-type data analysis tools to identify suspicious behavior in revealed patterns, trends, interactions, and associations, especially relating to ETD behavior. Appropriate responses can then be taken if malicious behavior is suspected or identified. Given the amount/size of the stored data and possible multiple attributes or dimensions the stored data can be distributed in, it can be difficult for a user to filter out unrelated data when searching for particular data. As a result, users can easily lose overview/perspective while viewing and analyzing data in a user interface.