Execute a simple Feed Scanner search

New
  • Published on Apr 14, 2025
  • 1 minute(s) read
Prev Next

Simple Feed Scanner searches offers the same back-end functionality as an advanced search query, but use a graphical UI (instead of command line syntax) that links a Field name, Operator and Value together in a single Expression, which can be chained together using AND functionality.

  1. Navigate to Threat Intelligence Management > Feed Scanner
  2. Simple Search tab will be preselected
  3. Specify a Field name scroll through the menu
  4. Use the drop-down menu to select an Operator relevant to the Field name
  5. Specify a Value
  6. Click plus icon to chain together a new Expression using AND
  7. (Optional) Use the Reset button to clear all parameters
  8. When you're ready to execute the query, click the Search button

Once the scan is complete, results are populated in the table view

Editing parameters

Editing the parameters can be easily done through your investigation.

  1. To edit the initial query make the required amendments in the Expression boxes

  2. Re-run the query by clicking the Search button

Saving queries

  1. Enter a valid set of parameters in the Query box
  2. Click the Save button on the top right
  3. Enter a Search Name
  4. (Optional) Enter a Description
  5. (Optional) Enter a Tags that will classified your saved searches
  6. (Optional) Reordered columns can be save by checking the Save column headers with the query box
  7. Click Save