Views:
When building a search query, you can use the following criteria:
  • Entry criteria — Search criteria based on the type of entry in the Reputation database.
  • Tag criteria — Search criteria based on the tags in the Reputation database. This area lists the available tag categories in the Reputation database that can be included in the search.
Criteria Description
IP Address Select this option if the entry represents an IP address or block of IP addresses. The specified address may be either IPv4 or IPv6. If the value represents a block of IP addresses, the value should end with a “/” followed by a prefix length.
Domains Select this option if the entry represents a Domain. If this option is selected, only Domain entries are returned.
URL Select this option if the entry represents a URL. The URL must be less than 4K in length. A single wildcard string \* (backslash and asterisk) is supported. URL categories, such as Travel, are not supported.
Note
Note
Selecting this option searches for user-defined URL entries only. To look up entries and scores in the ThreatDV URL Reputation Feed, select ThreatDV URL Lookup in the navigation pane.
File Hash Select this option if the entry represents a file hash. The search will match a partial file hash. Your search can be for a specific hash, or you can search by hash type. To search for file hashes of a specific type, enter sha1 or sha256. You can prefix a file hash with a type to match hashes only of that type. For example, sha1:1234 would match any SHA-1 file hash starting with 1234.
Include Untagged Entries Includes addresses that do not have tags associated with them.
Include Tagged Entries Includes addresses that have tags associated with them.
Include Rep DV Entries Includes Reputation Digital Vaccine entries, an optional subscription-based service. These entries are displayed in a separate column on the search results table.
Include User Entries Includes user entries. These entries are displayed in a separate column on the search results table.
Include Geographic Includes Geographic information based on a computer’s IP address/hostname within a geographic region or country. These entries are displayed in the Address and Geo Filter Country columns on the search results table.
See Tag Categories.