Observables

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • Observables represent stateful properties (such as the MD5 hash of a file or the value of a registry key) or measurable events (such as the creation of a registry key or the deletion of a file) that are pertinent to the operation of computers and networks.

    Following are the type of observables available in the application:
    • Artifact
    • AS Number
    • Directory
    • Domain Name
    • Email Address
    • Email Message
    • Email Subject
    • File
    • IPv4 Address
    • IPv4 CIDR
    • IPv6 Address
    • IPv6 CIDR
    • MAC Address
    • MD5 Hash
    • Mutex Name
    • Network
    • Other Observable
    • Process
    • SHA1 Hash
    • SHA256 Hash
    • SHA512 Hash
    • Software
    • URL
    • User Account
    • Windows Registry Key
    • X.509 Certificate