How to Run Responders on an Observable

This topic provides step-by-step instructions for running responders on an observable in TheHive.

Responders execute actions on cases, alerts, observables, tasks, and task logs to support investigations and incident response.

Required permissions

Only users with the manageObservable permission can manage observables in TheHive.

Procedure

1. Locate the observable on which you want to run the responders.

2. In the observable details, select .

3. Select Responders.

4. In the Run actions on current observable drawer, select the responders you want to run.

5. Select Launch actions.

6. Select Confirm.

Next steps

• Add an Observable
• Remove an Observable
• Update the Status of an Observable
• Edit Multiple Observables
• Pin an Observable
• Export Data from Observables
• Run Analyzers on an Observable
• Import Observables from Analyzer Reports
• Exclude an Observable from Similarity Checks