Skip to content

How to Find a Job#

This topic provides step-by-step instructions for searching a job in TheHive.

A job is a task initiated by Cortex to run an analyzer on an observable.

Can't find a job?

5.5 Case visibility can be restricted to protect sensitive data. If you aren't an authorized user, its linked observables and any jobs launched on those observables won't appear in the list, search results, or dashboards.

Procedure

  1. Go to the Global Search view from the sidebar menu.

    Global Search feature sidebar menu

  2. Select the Jobs item on the Search scope pane.

    Global Search feature sidebar menu

    All elements

    Select the All elements item for a comprehensive tool-wide overview that includes all entity types, such as cases, alerts, observables, jobs, tasks, and task logs. Use this option to analyze cross-linked information or to conduct a detailed investigation.

  3. Enter the keywords you want to search for in the search box displayed by default.

    5.4.7 Wildcard character

    You can use the wildcard character * to broaden your searches.

    The wildcard character acts as a placeholder that matches zero or more characters, helping you find variations of a term or incomplete information.

    Examples of use cases:
    - Email domains: Entering *@gmail.com will return entities containing the gmail.com domain.
    - IP subnets: Entering 192.168.*.* will return entities with IP addresses in the 192.168.x.x subnet.
    - URLs: Entering https://malwaredomain.com/* will return entities hosted under the malwaredomain.com directory.

    Other advanced search options, such as Boolean and phrase searches, are not currently supported.

    Unindexed fields

    The workerDefinition field and the operations[] array aren't indexed for search.

  4. If you need additional filters, apply one or more filters by selecting Add new filter.

    These filters refine your search results and act as an equivalent to the AND operator in Boolean search.

    Required filters

    Filters are required for the following fields to ensure the search engine accurately interprets values:
    - Fields with specific date formats
    - Custom fields

  5. Based on your inputs, a list of results appears.

You can view up to 300 results per page and navigate through them using Previous and Next.

Next steps