Contents Security Operations Previous Topic Next Topic Submit an IoC Lookup request from the Security Incident Catalog Subscribe Log in to subscribe to topics and get notified when content changes. ... SAVE AS PDF Selected Topic Topic & Subtopics All Topics in Contents Share Submit an IoC Lookup request from the Security Incident Catalog If the Security Incident Response plugin is activated, you can submit threat lookups for files, hash values, URLs, and IP addresses from the Security Incident Catalog. The requests are submitted and you can view the results in the My Requests module. Before you begin Role required: none About this task Lookups are automatically performed for the default lookup type for each lookup source listed in the lookup record. The results of the lookup request are available in the My Requests module. Procedure Navigate to Self-Service > Security Incident Catalog. Click IoC Lookup. Click Lookup files, hash values, URLs or IP addresses. Enter one or more of the following: Table 1. IoC Lookup request Item to lookup Description Files Click the paperclip icon, then locate and attach the files you want to lookup. Note: By default, the Lookup Type for File is inactive. Files are converted and submitted as a hash value. URLs In the URLs field, enter the URLs you want to lookup, separated by commas. For example: www.abc.com,www.xyz.net. IP addresses In the IP addresses field, enter the IP addresses you want to lookup, separated by commas. Hash values In the Hash values field, enter the hash values you want to lookup, separated by commas.Note: When the Lookup Type for File is inactive, this value is the default action for both File and Hash values. When you have made your selections, click Submit. To view the status and/or results of the lookups, navigate to Self-Service > My Requests. Click the SR number for the request. The work notes under Activity list the tasks performed during the lookup, including the creation of individual lookups for each file, hash value, URL, or IP address, and the lookup results. On this page Send Feedback Previous Topic Next Topic
Submit an IoC Lookup request from the Security Incident Catalog If the Security Incident Response plugin is activated, you can submit threat lookups for files, hash values, URLs, and IP addresses from the Security Incident Catalog. The requests are submitted and you can view the results in the My Requests module. Before you begin Role required: none About this task Lookups are automatically performed for the default lookup type for each lookup source listed in the lookup record. The results of the lookup request are available in the My Requests module. Procedure Navigate to Self-Service > Security Incident Catalog. Click IoC Lookup. Click Lookup files, hash values, URLs or IP addresses. Enter one or more of the following: Table 1. IoC Lookup request Item to lookup Description Files Click the paperclip icon, then locate and attach the files you want to lookup. Note: By default, the Lookup Type for File is inactive. Files are converted and submitted as a hash value. URLs In the URLs field, enter the URLs you want to lookup, separated by commas. For example: www.abc.com,www.xyz.net. IP addresses In the IP addresses field, enter the IP addresses you want to lookup, separated by commas. Hash values In the Hash values field, enter the hash values you want to lookup, separated by commas.Note: When the Lookup Type for File is inactive, this value is the default action for both File and Hash values. When you have made your selections, click Submit. To view the status and/or results of the lookups, navigate to Self-Service > My Requests. Click the SR number for the request. The work notes under Activity list the tasks performed during the lookup, including the creation of individual lookups for each file, hash value, URL, or IP address, and the lookup results.
Submit an IoC Lookup request from the Security Incident Catalog If the Security Incident Response plugin is activated, you can submit threat lookups for files, hash values, URLs, and IP addresses from the Security Incident Catalog. The requests are submitted and you can view the results in the My Requests module. Before you begin Role required: none About this task Lookups are automatically performed for the default lookup type for each lookup source listed in the lookup record. The results of the lookup request are available in the My Requests module. Procedure Navigate to Self-Service > Security Incident Catalog. Click IoC Lookup. Click Lookup files, hash values, URLs or IP addresses. Enter one or more of the following: Table 1. IoC Lookup request Item to lookup Description Files Click the paperclip icon, then locate and attach the files you want to lookup. Note: By default, the Lookup Type for File is inactive. Files are converted and submitted as a hash value. URLs In the URLs field, enter the URLs you want to lookup, separated by commas. For example: www.abc.com,www.xyz.net. IP addresses In the IP addresses field, enter the IP addresses you want to lookup, separated by commas. Hash values In the Hash values field, enter the hash values you want to lookup, separated by commas.Note: When the Lookup Type for File is inactive, this value is the default action for both File and Hash values. When you have made your selections, click Submit. To view the status and/or results of the lookups, navigate to Self-Service > My Requests. Click the SR number for the request. The work notes under Activity list the tasks performed during the lookup, including the creation of individual lookups for each file, hash value, URL, or IP address, and the lookup results.
