Kaspersky Anti Targeted Attack Platform
5.0
English

Contents

Filtering and searching IOC files

To filter or search for IOC files by required criteria:

  1. In the window of the program web interface, select the Custom rules section, IOC subsection.
  2. This opens the IOC file table. Do the following depending on the filtering criterion:
    • By importance
      1. Click the Apt_icon_Importance_new icon to open the filter configuration window for IOC files.
      2. Select one or several of the following importance levels:
        • Low.
        • Medium.
        • High.
      3. Click Apply.
    • By file name
      1. Click the Name link to open the IOC file filter configuration window.
      2. Enter one or several characters of the IOC file name.
      3. Click Apply.
    • By the state of the automatic scan (enabled / disabled)
      1. Click the Autoscan link to open the filter configuration window for IOC files.
      2. Select one of the following options:
        • Enabled
        • Disabled

The table of IOC files will display only IOC files that match the filter criteria you have set.

You can use multiple filters at the same time.

See also

Managing user-defined IOC rules

Viewing the table of IOC files

Viewing information about an IOC file

Uploading an IOC file

Downloading an IOC file to a computer

Enabling and disabling the automatic use of an IOC file when scanning hosts

Deleting an IOC file

Searching for alerts in IOC scan results

Searching for events using an IOC file

Clearing an IOC file filter

Configuring an IOC scan schedule
Page top
[Topic 196143]