--- title: "Monitored Queries" slug: "monitored-queries" tags: ["Automated Monitoring", "Brand Monitoring", "Threat Detection"] updated: 2026-04-23T20:02:03Z published: 2026-04-23T20:02:03Z --- > ## Documentation Index > Fetch the complete documentation index at: https://help.silentpush.com/llms.txt > Use this file to discover all available pages before exploring further. # Monitored Queries **Problem:** You’ve built great queries in Reconnaissance, finding suspicious domains, tracking brand impersonation, or mapping attacker infrastructure, but you can’t afford to run them manually every day. Threats move fast, and new indicators appear constantly. **Silent Push Solution:** Monitored Queries lets you turn any search into an automated, always-on watch. Once set, Silent Push runs your query every 24 hours and alerts you only when something new appears. No more manual repetition. No more missing emerging threats. ## How to Access Monitored Queries From the dashboard, click **Monitored Queries** under the **Getting Started With Reconnaissance** section. You’ll land on the central management screen where all your saved monitors live. ![Overview of reconnaissance tools for investigating domains, live scans, and monitoring queries.](https://cdn.document360.io/8e5460b3-9d96-4b01-8bb3-6591a4af3a8c/Images/Documentation/Screenshot 2026-04-23 at 2.59.29 PM.png) ## What You’re Seeing on This Screen This is your **monitoring command center**. Here’s what each column tells you: | Column | Why It Matters | | --- | --- | | **Monitor Active** | Blue toggle = actively running every 24 hours. Grey = paused. | | **Monitor Name** | Clear, human-readable label you created (e.g., “AIB Phishing Impersonation” or “DriveSurge C2 IPs”). | | **Monitor Query URL** | The actual query being monitored — useful for understanding what it watches. | | **Query Type** | Tells you the origin (Web Search, PADNS, Favicon Impersonation, etc.). | | **Created by** | Shows ownership and team collaboration. | | **History** | Click to see new findings from the last 7 days + download or copy results. | ## Why This Screen Matters This is where proactive defense becomes truly automated. Instead of checking the same queries daily, you set them once and let Silent Push do the heavy lifting. You only get notified when there’s something new, saving hours of analyst time while dramatically improving detection speed. Common high-value monitors include: - Brand + typo-squat monitoring - Threat actor infrastructure tracking - Attack surface changes (new subdomains, open directories, etc.) - Specific IP ranges or certificate patterns ## Managing Your Monitors - **Activate / Pause:** Use the toggle in the first column. - **Edit Name or Description:** Click the ellipsis (…) menu → **Edit Monitor Metadata**. - **Share with Team:** Ellipsis menu → **Share Monitor** (makes it visible to your organization). - **View History:** Click **History** to see new indicators from the past 7 days, with options to copy or download. - **Refresh:** Use the Refresh button to instantly update the table. > [!NOTE] > Tips > > - Give monitors clear, descriptive names — you’ll thank yourself later. > - Start small: Monitor 3–5 high-priority queries first, then expand. > - Use the **History** view regularly to spot trends over time. > - Combine with **Threat Check** to validate new findings quickly. ## A collection of user-defined queries set to run automatically at regular intervals (e.g., every 24 hours) to track changes in DNS, WHOIS, or web data, providing real-time alerts for potential threats.