How to Run Analyzers on an Observable

This topic provides step-by-step instructions for running analyzers on an observable in TheHive.

Analyzers enrich observables with detailed, contextual intelligence. The type of each observable determines which analyzers are available.

Procedure

1. Locate the observable on which you want to run the analyzers.

2. In the observable details, select .

3. Select Run analyzers.

4. In the Analyzer drawer, select the analyzers you want to run.

   Can't find an analyzer?

   If you can't find the analyzer you need, it might not be available for this observable type. Contact someone with admin-level permissions on Cortex to change the types associated with the analyzer.

5. Select Run selected analyzers.

Next steps

• Add an Observable
• Remove an Observable
• Update the Status of an Observable
• Edit Multiple Observables
• Pin an Observable
• Export Data from Observables
• Run Responders on an Observable
• Import Observables from Analyzer Reports
• Exclude an Observable from Similarity Checks