it could be great that when you are working with a large numbers of observables you must use analizers's enrichment to tag "kown observables".
For example:
Imagine you have ten IPs and you discover a new domain from first IP. You click on Cortex analyzer report and select the new domain and click on "Import Selection" and "create observable".
Well, come to this point if you analyze second IP and discover the same domain from first IP. You cant import selection because in this point, new domain is just created. But maybe could be a great option to allow "To tag sighted observables" or similar.. especially to known that this second IP is related and user can filter in the menu.
I think this could be an amazing option when in a case one observable is a lot of important and to have filter capabilities with this importing way could be helpfull.
@torsolaso Thanks for your issue! I'm not sure I understand though. Basically, you'd like the ability to mark many observables at once as related to another observable?
Request Type
Feature Request
Problem Description
it could be great that when you are working with a large numbers of observables you must use analizers's enrichment to tag "kown observables".
For example:
Imagine you have ten IPs and you discover a new domain from first IP. You click on Cortex analyzer report and select the new domain and click on "Import Selection" and "create observable".
Well, come to this point if you analyze second IP and discover the same domain from first IP. You cant import selection because in this point, new domain is just created. But maybe could be a great option to allow "To tag sighted observables" or similar.. especially to known that this second IP is related and user can filter in the menu.
I think this could be an amazing option when in a case one observable is a lot of important and to have filter capabilities with this importing way could be helpfull.
Regards,