Actions
Search Events
Search events.
External Documentation
To learn more, visit the MISP documentation.
Basic Parameters
Parameter | Description |
---|---|
Attribute | Filter events matching the given string with attributes values. |
Direction | Direction of the sort. |
Filter events by matching the event creator user email. | |
Event ID | The ID of the event. Must be equal or under 10 characters. |
Minimal | Returns a minimal version of the event. Note : only events with attributeCount > 0 will be returned. |
Organisation | Filter events by matching the creator organisation name. |
Sort | Field to be used to sort the result. |
Threat Level | Represents the threat level. |
Advanced Parameters
Parameter | Description |
---|---|
Analysis State | Represents the threat level. |
Distribution | Who will be able to see this event once it becomes published and eventually when it becomes pulled. |
Event Info | Filter events by matching the event info text. |
From Date | Returns events that in which creation date is greater or equal. |
Has Proposal | Filter events by checking if it has attributes with change proposals. |
Limit | Limit search filter. Must be greater or equal to 0. |
Page | Page number. Must be greater or equal to 1. |
Search Date From | Filter attributes in which creation date is greater or equal. |
Search Date Until. | Filter attributes that in which creation date is less or equal. |
Sharing Group ID | The sharing group of the events. Must be equal or under 10 characters. |
Start Publish Timestamp | Event publish timestamp greater or equal. |
Start Timestamp | Event timestamp greater or equal. |
Tag | The tag of the events. Must be equal or under 255 characters. |
Tags | Filter events by matching any of the event tags of a given list of tag names. |
Until date | Returns events that in which creation date is less or equal. |
Example Output
Workflow Library Example
Search Events with Misp and Send Results Via Email
Preview this Workflow on desktop