Searching IOC scan results

To find and view results of an IOC scan:

1. In the program web interface window, select the IOC/IOA Analysis section, IOC Scanner subsection.

   The table of IOC files opens.

2. Select the IOC file for which you want to view scan results.

   This opens a window containing information about the IOC file.

3. Do one of the following:
   • If you want to view alerts generated by the IOC file, click Find alerts to proceed to the alerts database.

     The alert table is opened in an new browser tab.

   • If you want to view events generated by the IOC file, click Find events to proceed to the events database.

     The event table is opened in an new browser tab.

See also IOC scan of events Viewing the table of IOC files Viewing information about an IOC file Uploading an IOC file Downloading an IOC file to a computer Enabling and disabling the automatic use of an IOC file when scanning events Deleting an IOC file Filtering and searching IOC files Clearing an IOC file filter Configuring an IOC scan schedule Supported OpenIOC Indicators of Compromise

Page top