Skip to content

Search OpenCTI based on an STIX indicator patter #1604

New issue
New issue
Closed
Closed
Search OpenCTI based on an STIX indicator patter#1604

Description

@Fran992

Fran992
openedon Sep 29, 2021

Hello,
I'm new in this community and I just installed OpenCTI few days ago, but I have a couple of questions about indicators.

After reading some articles (about stix and opencti) and did some tests on opencti demo, I'm still wondering how to have all observables that have a common charateristic wrote in indicator stix pattern.
For example, if I have an indicator like this: [email-message:subject = 'Hello'], can I get all the observables (type email messages) that contain the word "Hello"? If yes how?

Thanks for your help, I know that is a basic question but I really want to start with this tool.

Best regards,

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    featureuse for describing a new feature to developfilters & searchLinked to search results and filtering enginesolveduse to identify issue that has been solved (must be linked to the solving PR)

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions