Search for observables


To search for observables:

  1. Browse to the search section, and search for the observables you want by entering a literal value or a data pattern in the search field.

  2. In the search result view, click the Observables tab.

The following table includes examples of JSON path search query strings you can enter in the search field to look for specific types of observable.


Entity JSON path

Description

extracts.kind

Searches for types of observable.


enrichment_extracts.kind

Searches for types of enrichment observables.

extracts_nested.kind

Searches for types of observables embedded in parent entities.

meta.bundled_extracts.kind

Searches for types of observables bundled in an ingested package.

data.related_extracts.kind

Searches for observables with the specified type of relationship.

Searches for types of observables embedded in parent entities.

To look for corresponding observable values, replace kind with value in the JSON paths.