Filtering in the Technical Blogs and Reports Source
  • 18 May 2023
  • 2 Minutes to read
  • Dark
    Light

Filtering in the Technical Blogs and Reports Source

  • Dark
    Light

Article Summary

Important
With the introduction of the CAL™ Automated Threat Library Source, the Technical Blogs and Reports Source will be deprecated in the near future.

Overview

The Technical Blogs and Reports Source aggregates blog posts from over 90 open-source security blogs. Each blog post is represented as an Incident in ThreatConnect®, and a Tag is assigned to each blog. You can use filters on the Browse screen to identify the blogs that are in the Source and to find all Groups from a particular blog that contain one or more keywords. The results of these filters can be saved as queries for convenient viewing at a later time or for use in a Query card on a dashboard.

Before You Start

Minimum Role(s)Organization role of Read Only User
PrerequisitesNone

Filtering to Blogs Only

  1. On the top navigation bar, hover over Browse and select Tags. All Tags in the owner(s) selected in the My Intel Sources selector will be displayed on the Browse screen.
  2. Click the My Intel Sources selector at the upper-left corner of the Browse screen, locate the Technical Blogs and Reports Source in the Intel Sources section, hover over it, and clickView Only Eye icononly (Figure 1). Only Tags in the Technical Blogs and Reports Source will be displayed on the screen.
    Note
    If you have a large number of Sources, use the Filter sources bar in the My Intel Sources selector to filter the list of Sources to display only the Technical Blogs and Reports Source.
    Figure 1_Filtering in the Technical Blogs and Reports Source_7.1.0

     

  3. Type BLOG: (including the colon) into the search bar at the top of the Browse screen. Only Tags in the Technical Blogs and Reports Source whose summary contains BLOG: will be displayed on the screen (Figure 2). Each of these Tags represents a blog collected into this Source. Graphical user interface, table  Description automatically generated

     

    Important
    Do not select the Exact matches checkbox before or after typing BLOG: into the search bar, as no results will be returned. For more information on using this checkbox to perform an exact-matches query, see the "Exact Matches Query" section of Browse.
    Note
    To save the query used in Step 3, click the vertical ellipsisVertical ellipsis_Blackat the upper-right corner of the Browse screen and select Save Current Query….

Filtering Groups in a Blog by Keyword

  1. Follow Steps 1–3 in the “Filtering to Blogs Only” section to display all Tags representing blogs in the Technical Blogs and Reports Source on the Browse screen.
  2. Click on a Tag to display its Details drawer.
  3. Click the vertical ellipsisat the upper-right corner of the Tag’s Details drawer and select Pivot.
  4. After selecting Pivot, you will be prompted to choose whether to pivot on Indicators or Groups. Select Groups to display all Groups from the selected blog on the Browse screen.
  5. Enter a keyword into the search bar at the top of the Browse screen. Only Groups in the selected blog with the keyword in their title will be displayed on the screen (Figure 3). Graphical user interface, text, application, email  Description automatically generated

     

    Note
    To save the query used in Step 5, click the vertical ellipsisVertical ellipsis_Blackat the upper-right corner of the Browse screen and select Save Current Query….

ThreatConnect® is a registered trademark, and CAL™ is a trademark, of ThreatConnect, Inc.

20068-01 v.02.D


Was this article helpful?