View Sightings Search Data

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:2分

    • Review the aggregate data of all sighting searches.

    始める前に

    Role required: sn_si.analyst

    手順

    1. Navigate to a security incident.
    2. Select the Sightings Search Data tab from Show All Related Lists Related List group to view the list of sightings searches.
      注:
      This data can be shared with Trusted Security Circle.
      表 : 1. Sightings Search Data
      Result Description
      End date range Time to stop looking for sightings.
      External Sightings Aggregated count of external sightings. (Received from threat sharing.)
      Internal Sightings Aggregated count of internal sightings.
      Is Local Indicates whether the sightings came from the current or a shared environment.
      Observable List of all observables searched for by query.
      Sighting count Number of sightings searched for.
      Sighting search Sightings Search identifier.
      Sighting search detail Aggregate detail of the sighting search.
      Sighting search link Link pointing to the Sighting search portal. The search query is automatically applied upon clicking the Sighting search link.
      Sighting search query Query to identify the instance.

      172.10.0.171 is substitutable and gets substituted in the observable selected.

      (search 172.10.0.171 | head 10)

      注:
      Selection of days will not be applicable to Saved search.