Contents x
      Create a filter profile
      • 13 Nov 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Contents

      Create a filter profile

      • Updated on 13 Nov 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Article summary

      Silent Push Enterprise allows organizations to compartmentalise threat intelligence and feed data into one or more distinct profiles, called Filter Profiles.

      Filter Profiles enable organisations to create custom threat intelligence management workflows that cater to unique internal job roles, and are able to be assigned to key personnel for daily monitoring of feed data.

      Filter Profiles work by applying logical expressions - i.e. criteria applied to data that is either true or false.

      Filter Profiles use three fields to populate a single logical expression:

      1. Indicator - The piece of information you'd like to base your profile on - e.g. a domain, IP address, date, score etc.
      2. Operator - This field is used to decide what characteristics your indicator needs to have - greater than, lower than, is, is not etc.
      3. Value - A boolean value that your operator uses to decide which information to return in the profile - e.g. a subnet, a date, a score.

      Creating a new filter profile

      1. Navigate to Threat Intelligence Management > Filter Profiles

      2. Click Create New to create a new Filter Profile

      3. Specify the Indicator, Operator and Value fields to populate your profile with the desired data

      4. To add another seperate set of criteria, click Add new and use the boolean operators AND or OR to specify the relationship with other criteria

      5. To remove a set of criteria, or an operator, click the Trash Can icon

      6. To add an additional, separate logical expression with its own set of criteria, click New Logical Expression and choose a boolean operator to link it with any existing expressions

      7. Click Add Tag to assign up to 50 custom tags that help you identify the kind of data contained within the filter profile, and group it with other profiles

      8. Click Save to store your progress

      9. Click Apply to complete the process

      Note: Users are able to multi-select Source Name, Source Vendor and ASN as a single logical expression when creating or editing filter profiles, making it quicker and easier to construct filter profiles that rely on these values.

      Was this article helpful?
      What's Next