Skip to content

View observables#

In this section you can find information about observables.

Observables represent stateful properties (such as the MD5 hash of a file or the value of a registry key) or measurable events (such as the creation of a registry key or the deletion of a file) that are pertinent to the operation of computers and networks.

observables list

Add observables#

  1. Click the + to add an observable.
  2. Type the Type.
  3. Type the Value.
  4. Select TLP, (White/Green/Amber/Red) from the options.
  5. Select PAP, (White/Green/Amber/Red) from the options.
  6. Switch the on button for Is IOC. (IoC repository contains objects, and each of the objects contain a specific piece of information.)
  7. Switch on the button for Has Been Sighted.
  8. Switch on the button for Ignore Similarity.
  9. Add Tags. (Refer to Add tags).
  10. Type the Description.
  11. Click the Save and add another button.
  12. Click the Confirm button.

add observable

Observables Actions#

You can make use of any of the available actions.

observables actions.png

Delete#

  1. Click the Delete option to remove an observable.

A message pops-up

  1. Click the OK button.

delete pop up

Run Analyzers#

  1. Click the Run Analyzers option.

A new window opens.

  1. Select one or more Analyzers from the list.
  2. Click the Run Analyzers button.

run analyzers

Responders#

  1. Click the Responders option.

Responders

Pin/Unpin#

  1. Click the Pin/Unpin option to pin or unpin observables.

Export#

To Export an observable details file:

  1. Click the Export option.
  2. A file is downloaded, that can be exported/sent.

Copy Data#

  1. Click the Copy data option.

copy to clipboard