Managed SIEM

Sometimes I want to be able to export data to a csv if there is a lot of data I have to look over. Allowing exporting all data of a query search would be helpful with this.

It would be nice if we can have an "easy button" for searching for specific common / interesting events. One example may be "failed logins" or "RDP Session Logins" with the option to modify the query to expand or scope it (Machine name etc).