Scheduled searches allow you to create a search that occurs on a defined schedule.

Steps for Creating a Scheduled Search

USE CASE: You would like to run a weekly search for specific file-based IOC's related to malware or ransomware.

1.Select "New Schedule" from the upper right corner

2. Select how often you would like the schedule to repeat. Daily (once a day), Weekly (once a week), or Monthly (once a month)

3. Select a start date/time and end date/time by clicking on the appropriate icons

4. Once an end date is selected, click on the "Display schedule times" to verify your scheduled search.

5. Enter a name for the schedule and select the job to hold the scheduled search.

6. Select "Create Schedule" to define your search criteria.

7. You will automatically be directed to the Search Criteria page. Enter all information to define your search including endpoints and other criteria. When finished, select "Search". You will see a verification of your search name, select the arrow to create your scheduled search.

Next - Heureka Searching

Browser not supported