The Search Criteria page is where you enter the criteria for a search. The page is divided into the following categories:
Service
Any endpoint may stand alone or be grouped together with other endpoints. Previously created group names will be displayed in the endpoint drop-down list. New groups may be created or edited using the gear icon at the end of the drop-down list. See Managing Groups.
Content
Keywords can consist of a single word, groups of words, or other queries entered by the user. Previously created keyword groups can be found in the drop-down list where they can be selected. See Managing Keywords.
File
File Name
You may search by any specific file name or groups of names. Previously created keyword groups can be found in the drop-down list where they can be selected. Once a group name is created, you can add individual file names or import a text file containing a list of file names.
File names must include the file extension.
Example: filename.pdf
See Managing File Name Groups
File Owner
During the index phase, Interrogate automatically creates a list of all available file owners. All available file owners will show in the available grid. Previously created file owner groups can be found in the drop-down list where they can be selected.
Hash
You may search any endpoint for a specific file hash value (MD5 or SHA-1). Interrogate is pre-populated with an extensive list of known Malware Indicators of Compromise (IOCs), which may be selected in the drop-down list. All pre-populated IOCs contain valid MD5 or SHA-1 hash values. You may create your own hash groups by entering valid MD5 or SHA-1 values. You may also import text-based files containing your desired hash values.
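A pre-import check for a hash list, as an added example that is not part of the Interrogate documentation or product. It assumes the import file holds one hash per line (the page does not specify the layout); the function name check_hash_list and the sample values are constructed for illustration.

```python
import re

# Assumption: the import file is plain text with one hash per line.
HEX_RE = re.compile(r"^[0-9a-fA-F]+$")
LENGTHS = {32: "MD5", 40: "SHA-1"}  # hex digits per accepted algorithm


def check_hash_list(text):
    """Split a candidate import file into accepted hashes and rejected lines."""
    accepted, rejected, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.lstrip("\ufeff").strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comment lines carry no hash
        # Tolerate md5sum/sha1sum style lines: "<hash>  <file name>".
        token = line.split()[0]
        if not HEX_RE.match(token):
            rejected.append((lineno, raw, "not hexadecimal"))
        elif len(token) == 64:
            rejected.append((lineno, raw, "looks like SHA-256, not MD5 or SHA-1"))
        elif len(token) not in LENGTHS:
            rejected.append((lineno, raw, f"unexpected length {len(token)}"))
        elif token.lower() in seen:
            rejected.append((lineno, raw, "duplicate"))
        else:
            seen.add(token.lower())
            accepted.append((LENGTHS[len(token)], token.lower()))
    return accepted, rejected


# Constructed sample: hashes of empty input, not real indicators.
SAMPLE = """\
# constructed sample list
d41d8cd98f00b204e9800998ecf8427e
DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
d41d8cd98f00b204e9800998ecf8427e  empty.bin
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
d41d8cd98f00b204e9800998ecf8427
not-a-hash
"""

if __name__ == "__main__":
    ok, bad = check_hash_list(SAMPLE)
    for algo, value in ok:
        print(f"accept  {algo:5}  {value}")
    for lineno, raw, reason in bad:
        print(f"reject  line {lineno}: {reason}: {raw!r}")
```

Rejected lines are reported with their line numbers so the source list can be corrected before it is imported into a hash group.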
Extension
You may search any endpoint for files with specific extensions. Previously created extension groups can be found in the drop-down list where they can be selected. Interrogate is pre-populated with over 3000 file extensions to search and select from. You will find your extension list once you create and name an extension group.
Date
Start Date
You may select
End Date
Quick Filters
Patterns
Deleted Files