Beginning the design sprint...  What are our goals? What do we  need  to achieve them?  Product Goal: Solve anomalies faster.  Needed: (1) Security Investigations. (2) Maintain system hygiene. (3) Hunting.
 How can we solve anomalies faster? Two ideas for querying to consider.
 Resolving anomalies requires being able to investigate/query. What do we need for a query?
