
Bowei Chi
Activity overview
Latest activity by Bowei Chi
Bowei Chi created a post,
Where's connection setting for web hook?
Hi there, I have a web hook set up on my portal for sending scheduled search results. It appears that the UI has changed a bit since I last used it. There's no longer a "settings" tab under "Mana...
-
Bowei Chi commented,
Is the combination of collector + "save" query the only way to generate/update the local lookup file? It sounds like the beta UI allows you to upload CSV directly. What about via API? We need to u...
-
Bowei Chi commented,
Thanks for the reply Piotr. Is there a workaround for this use case where I have cidr information in CSV in the format of route, mask_length 95.83.225.128,29 95.85.86.0,24 represent cidr 95.83.22...
-
Bowei Chi created a post,
lookup operator with compareCIDRPrefix
Can I use lookup operator in combination with compareCIDRPrefix to check if ip in the log is in a list of cidrs from csv? Something like this, but it complains about "unexpected token" if I query...
-
Bowei Chi commented,
I'm looking for updates on the lookup operator as well. Please!
-
Bowei Chi commented,
Hi there, Where can you find the list of files in /shared directory? Is there a way to delete files no longer needed there? Thanks!
-
Bowei Chi created a post,
lookup operator with dynamic url?
Is it possible to use a dynamically generated url in "lookup" operator? For example, I'd like to pass dest_ip to the url in lookup: | fields dest_ip, url| lookup cidr from https://xxxxxx.ngrok.io/{...
-
Bowei Chi created a post,
threat intel data integration besides crowdstrike?
Are there any resources / documentation on building a threat intel app much like the crowdstrike app but using a different source to correlate the intel data? The alternative source can be a REST e...