Applies to version: 3008.0.1.5018 and beyond.
With the release of version x.x.x.5018, Infocyte has provided a method to specify date ranges in the Analyze section of the product. This can be done globally, or per target group, for 1 or more days worth of data.
This allows the user to analyze only the days in question, specific object types (e.g. processes and injections while leaving out artifacts) or (e.g. show me only "bad" items for this range that are processes) and to quickly load the data again without needing to recreate the view each time.
To add a custom view to the analyze section of Infocyte endpoint:
1) Navigate to Analyze
2) Select the drop down of your current view, and select the + sign
3) Provide a friendly name for the view, select your date range, and specify a Target Group.
4) Add Additional filters for Threat Status, File Flag, or Object Type and click Save.
Note: The Infocyte UI will generate the data cross-section and then add a link under the view section for the Target Group you selected. Depending on the criteria that was selected, this process can take a moment. There will be a task running in the top right corner, during this time, for your reference.
5) View your new selection
As always if you have any questions, comments, or concerns, our support team is standing by.
Comments
0 comments
Please sign in to leave a comment.