Filtering in the Technical Blogs and Reports Source
- 18 May 2023
- 2 Minutes to read
-
Print
-
DarkLight
Filtering in the Technical Blogs and Reports Source
- Updated on 18 May 2023
- 2 Minutes to read
-
Print
-
DarkLight
Article Summary
Share feedback
Thanks for sharing your feedback!
Important
With the introduction of the CAL™ Automated Threat Library Source, the Technical Blogs and Reports Source will be deprecated in the near future.
Overview
The Technical Blogs and Reports Source aggregates blog posts from over 90 open-source security blogs. Each blog post is represented as an Incident in ThreatConnect®, and a Tag is assigned to each blog. You can use filters on the Browse screen to identify the blogs that are in the Source and to find all Groups from a particular blog that contain one or more keywords. The results of these filters can be saved as queries for convenient viewing at a later time or for use in a Query card on a dashboard.
Before You Start
| Minimum Role(s) | Organization role of Read Only User |
|---|---|
| Prerequisites | None |
Filtering to Blogs Only
- On the top navigation bar, hover over Browse and select Tags. All Tags in the owner(s) selected in the My Intel Sources selector will be displayed on the Browse screen.
- Click the My Intel Sources selector at the upper-left corner of the Browse screen, locate the Technical Blogs and Reports Source in the Intel Sources section, hover over it, and click
only (Figure 1). Only Tags in the Technical Blogs and Reports Source will be displayed on the screen.NoteIf you have a large number of Sources, use the Filter sources bar in the My Intel Sources selector to filter the list of Sources to display only the Technical Blogs and Reports Source.
- Type BLOG: (including the colon) into the search bar at the top of the Browse screen. Only Tags in the Technical Blogs and Reports Source whose summary contains BLOG: will be displayed on the screen (Figure 2). Each of these Tags represents a blog collected into this Source.
ImportantDo not select the Exact matches checkbox before or after typing BLOG: into the search bar, as no results will be returned. For more information on using this checkbox to perform an exact-matches query, see the "Exact Matches Query" section of Browse.NoteTo save the query used in Step 3, click the vertical ellipsis
at the upper-right corner of the Browse screen and select Save Current Query….
Filtering Groups in a Blog by Keyword
- Follow Steps 1–3 in the “Filtering to Blogs Only” section to display all Tags representing blogs in the Technical Blogs and Reports Source on the Browse screen.
- Click on a Tag to display its Details drawer.
- Click the vertical ellipsisat the upper-right corner of the Tag’s Details drawer and select Pivot.
- After selecting Pivot, you will be prompted to choose whether to pivot on Indicators or Groups. Select Groups to display all Groups from the selected blog on the Browse screen.
- Enter a keyword into the search bar at the top of the Browse screen. Only Groups in the selected blog with the keyword in their title will be displayed on the screen (Figure 3).
NoteTo save the query used in Step 5, click the vertical ellipsisat the upper-right corner of the Browse screen and select Save Current Query….
ThreatConnect® is a registered trademark, and CAL™ is a trademark, of ThreatConnect, Inc.
20068-01 v.02.D
Was this article helpful?
