It actually makes perfect sense to use your existing eDiscovery tools to assist with any type of investigation that requires you to find things in a large set of data. It’s, literally, what they are built to do.
Heck, I think back to years ago when one of the attorneys I worked with loaded all of his legal research material, clipped articles, rulings, etc. into an eDiscovery database. It made finding something much easier than anything else he was using at the time. I’ve often considered doing something similar.
Post-breach investigations require looking through tons of data. Why not have a robust search tool to do that?