The Search Criteria page is where you set all of your endpoint search parameters. The page is broken down into the following categories:
Service
An endpoint may stand alone or be grouped together with other endpoints. Previously created group names will be displayed in the endpoint drop-down list. New groups may be created or edited using the gear icon at the end of the drop-down list. See Managing Groups
Content
Keywords can consist of a single word or groups of words or other queries input by the user. Previously created keyword groups can be found in the drop-down list where they can be selected. See Managing Keywords
File
File Name
You may search by any specific file name or groups of names. Once a group name is created you can add individual file names or import a text file containing a list of file names.
| Info | ||
|---|---|---|
| ||
Example: filename.pdf |
See Managing File Name Groups
File Owner
During the index phase, Interrogate automatically creates a list of all available file owners. All available file owners . The list is generated when the endpoint service creates an index.
Hash
will show in the available grid.
Hash
Interrogate is pre-populated with an extensive list of known Malware Indicators of Compromise. All pre-populated IOC's contain valid MD-5 or SHA-1 hash values. You may create your own Hash groups by inputting valid MD-5 or SHA-1 values. You may also import text based files containing your desired hash values.
Extension
Date
Start Date
End Date
Quick Filters
Patterns
Deleted Files
