Submit an IoC Lookup request from a security incident

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 1분

    • An IoC lookup automatically runs whenever observables are added to a security incident. Also, if your security incident has attachments, they can be easily found with the press of a button.

    시작하기 전에

    For automatic IoC lookups, the Threat Intelligence plugin must be activated.

    Role required: sn_si.basic

    주:
    By default, the Lookup Type for File is inactive.

    프로시저

    1. Create a new security incident or open an existing one if you intend to attach new files to it.
    2. Click the paperclip icon in the form header and attach one or more files.
    3. When you have completed your entries on the form, right-click the form header and click Save.
      After the record has been saved, a Lookup attachments button appears.
    4. Click Lookup attachments.
      주:
      The work notes under Incident Details report the progress of the lookup process.
    5. You can click the lookup number at the end of the message to view the lookup record.
      You can click the Lookup reference link to view detailed results.
      Lookup request message