TISC Data Archival

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • The Threat Intelligence Security Center is provisioned with archival rules in the base system for the TISC table. The related records are also added in the base system to the TISC archive rule.

    Avant de commencer

    Role required: admin

    Procédure

    1. Navigate to All > System Archiving > Archival Rules.
      The list of archival rules that are applicable for TISC are displayed. These archival rules are different for every object type and are applicable independently.
    2. Filter the tables names starts with sn_sec_tisc.
    3. View the TISC related records.
      Threat Intelligence Record Reference Table
      Archive Attack Pattern sn_sec_tisc_attack_pattern
      Archive Campaign sn_sec_tisc_campaign
      Archive Course of Action sn_sec_tisc_course_of_action
      Archive Data Component sn_sec_tisc_aggregated_data_component
      Archive Data Source sn_sec_tisc_aggregated_data_source
      Archive Identity sn_sec_tisc_identity
      Archive Infrastructure sn_sec_tisc_infrastructure
      Archive Intrusion Set sn_sec_tisc_intrusion_set
      Archive Malware sn_sec_tisc_malware
      Archive Malware Analysis sn_sec_tisc_malware_analysis
      Archive Marking Definition sn_sec_tisc_marking_definition
      Archive Object Sighting sn_sec_tisc_object_sighting
      Archive Observed Data sn_sec_tisc_observed_data
      Archive Threat Actor sn_sec_tisc_threat_actor
      Archive Threat Event sn_sec_tisc_threat_event
      Archive Threat Grouping sn_sec_tisc_threat_grouping
      Archive Threat Note sn_sec_tisc_threat_note
      Archive Threat Opinion sn_sec_tisc_threat_opinion
      Archive Threat Report sn_sec_tisc_threat_report
      Archive Tool sn_sec_tisc_tool
      Archive Vulnerability sn_sec_tisc_vulnerability
      Artifact sn_sec_tisc_artifact
      AS Number sn_sec_tisc_as_number
      Directory sn_sec_tisc_directory
      Email Address sn_sec_tisc_email_address
      Email Message sn_sec_tisc_email_message
      Email Subject sn_sec_tisc_email_subject
      File sn_sec_tisc_file
      Indicator Archive Rule sn_sec_tisc_indicator
      IPv4 Address sn_sec_tisc_ipv4_address
      IPv4 CIDR sn_sec_tisc_ipv4_cidr
      IPv6 Address sn_sec_tisc_ipv6_address
      Location sn_sec_tisc_location
      MAC Address sn_sec_tisc_mac_address
      MD5 Hash sn_sec_tisc_md5_hash
      Mutex Name sn_sec_tisc_mutex_name
      Other Observable sn_sec_tisc_other_observable
      Process sn_sec_tisc_process
      SHA1 Hash sn_sec_tisc_sha1_hash
      SHA256 Hash sn_sec_tisc_sha256_hash
      SHA512 Hash sn_sec_tisc_sha512_hash
      URL sn_sec_tisc_url
      User Account sn_sec_tisc_user_account
      Windows Registry Key sn_sec_tisc_windows_registry_key
      X.509 Certificate sn_sec_tisc_x_509_certificate
      Object-Object Relationship Archive Rule sn_sec_tisc_m2m_object
      Object-Observable Relationship Archive Rule sn_sec_tisc_m2m_object_observable
      Related Indicator Archive Rule sn_sec_tisc_m2m_indicator
      RSS Feed Archive Rule sn_sec_tisc_m2m_object_indicator
      Imports Archive Rules sn_sec_tisc_m2m_indicator_observable
      Remarque :

      For information on how the archival rules are created, see Create an archive rule in Core UI.

    4. Select an archival rule.
      For example, select Directory observable record to see the base system archival rule.
    5. Update the rule if required.