Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »


 

The Search Criteria page is where you set all of your endpoint search parameters. The page is broken down into the following categories:

Service

An endpoint may stand alone or be grouped together with other endpoints. Previously created group names will be displayed in the endpoint drop-down list. New groups may be created or edited using the gear icon at the end of the drop-down list. See Managing Groups

Content

Keywords can consist of a single word or groups of words or other queries input by the user. Previously created keyword groups can be found in the drop-down list where they can be selected. See Managing Keywords

File

File Name 

You may search by any specific file name or groups of names. Once a group name is created you can add individual file names or import a text file containing a list of file names.

File names must contain file extension

Example: filename.pdf

See Managing File Name Groups

File Owner

During the index phase, Interrogate automatically creates a list of all available file owners. All available file owners will show in the available grid.

Hash

You may search any endpoint for specific file hash (MD-5 or SHA-1) value. Interrogate is pre-populated with an extensive list of known Malware Indicators of Compromise. All pre-populated IOC's contain valid MD-5 or SHA-1 hash values. You may create your own Hash groups by inputting valid MD-5 or SHA-1 values. You may also import text based files containing your desired hash values.

Extension

You may search any endpoint for files with specific extensions. Interrogate is pre-populated with over 3000 file extensions in which to choose from. 

Date

Start Date
End Date

Quick Filters

Patterns
Deleted Files

 

 

 

 

 

 

 

 

 

 

  • No labels