Simple Query Builder

Project overview

Many users in the SIEM system struggled to query databases due to the complexity of the Cortex Query Language (XQL). 

This challenge made it difficult for non-technical users to retrieve specific data, slowing down workflows and increasing reliance on technical teams. 

At the same time, more advanced users needed the ability to refine and customize queries for more complex needs. 

To address this, I designed a Query Builder tool that allowed both non-technical and advanced users to easily create and refine queries, streamlining the process and reducing errors.

My role

As the UX Designer, I led the design process end-to-end. 

This involved conducting user research, defining user flows, creating wireframes and interactive prototypes, and collaborating closely with product managers, engineers, and stakeholders to ensure the final solution met both user needs and business goals. 

I also worked on usability testing and iterating based on user feedback.

Goals & Objectives

• Simplify the querying process for non-technical users by providing an intuitive, code-free interface for creating queries.

• Enable advanced users to easily customize their queries by adding custom fields and switching to XQL for more complex needs.

• Increase efficiency by reducing user errors and minimizing dependency on technical teams for data retrieval.

The Challenges

• Non-technical users needed a way to query data without knowledge of XQL, while still being able to retrieve meaningful results.

• Advanced users require flexibility to customize queries and work directly in the query language (XQL) for more complex use cases.

• Error reduction was key, as manually-written XQL queries were prone to mistakes and misinterpretations, especially for those unfamiliar with the syntax.

• The system had to handle a variety of query types (basic fields like IP address, host name, etc., as well as more advanced searches for complex scenarios).

Research & Discovery

• I gathered metrics to understand which data fields users most commonly queried, identifying the most crucial use cases for both non-technical and advanced users.

• Conducted user interviews with a mix of non-technical users and power users to understand their challenges and needs when using the query tool.

• Synthesized insights into specific requirements for both groups: a simple, guided interface for beginners, and a flexible, customizable tool for advanced users.

Design Solution

• Simple Query Builder: Created a user-friendly interface with drop-down menus for common search fields, allowing non-technical users to quickly generate queries without needing any coding skills.

• Advanced User Customization: Included features to add custom fields and switch to XQL mode for users who required more complex, tailored queries.

• Guided Workflow: Designed the flow to be intuitive, minimizing the chances of error by limiting the need for manual input, and offering predefined options based on common use cases.

• Prototype & Usability Testing: Created wireframes and high-fidelity prototypes, which I tested with a select group of users to gather feedback and refine the design.

Results

• Improved Efficiency: Non-technical users were able to create queries independently, saving time and reducing reliance on technical support teams.

• Reduced Errors: The structured, drop-down interface helped minimize query mistakes, increasing the overall accuracy and reliability of the search results.

• User Satisfaction: Both non-technical and advanced users reported a more seamless and efficient experience, with advanced users appreciating the flexibility to work directly in the query language.

• The tool significantly reduced query creation time, improving overall workflow efficiency for both user groups.

Reflections

• The design process included multiple feedback rounds between the Product Manager and their manager, which led to some misunderstandings.
  In retrospect, a joint meeting with both stakeholders upfront would have streamlined feedback and kept the project moving forward more efficiently.
  Going forward, I’d prioritize aligning key stakeholders early to avoid delays and improve communication.

• Future Improvements: One area for improvement would be to provide more dynamic recommendations or smart suggestions based on previous or popular queries to further streamline the process for users.
  Another solution that can make the search significantly more accessible is support for natural language searches.

Key Contributions & Skills

• Led the end-to-end UX design process, from research to final implementation, ensuring alignment with both user and business needs.

• Conducted user research and usability testing, translating insights into actionable design improvements.

• Designed adaptive solutions that catered to both novice and expert users, balancing simplicity and flexibility.

•  Cross-functional collaboration with product managers, engineers, and stakeholders to ensure the solution was technically feasible and met user needs.

• Delivered a high-impact user interface that increased efficiency, reduced errors, and enhanced user satisfaction.