Using Threat Lookup Finding Calculators

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • Use the Threat Lookup Finding Calculator to calculate the observable findings for your integration.

    Before you begin

    Role required: sn_ti.admin

    Procedure

    1. Navigate to All > Threat Intelligence > Administration > Threat Lookup Finding Calculators.
    2. Click New.
    3. On the form, fill the fields.
      FieldDescription
      Threat Lookup vendor Name of the threat look-up vendor.
      Observable Type Specify the classification of the observable type to which the script applies. For example, IP address or file hash, and so on. The script applies to all observables if you do not select any observable type.
      Finding Script Script editor to determine how you want to identify the various observable findings. The Threat Lookup Finding Calculator contains a sample script with the base system. You can use this script to determine the observable findings, or you can modify this script according to your requirements.
    4. Click Update.