- 02 Nov 2023
- Updated on 02 Nov 2023
Not only can you quickly and easily search for an ASN directly from a Dashboard component, you can also search for an IP, a Path, or a Domain from a component.
Simply click the ASN Organization, IP, Path, or Domain, and select to either Search this IP/ASN Organization/Path/Domain or Add IP/ASN Organization/Path/Domain to search.
Why do I get the message: There is a problem with the query, missing an operator or entity, please make sure it is valid and try again?
You may be entering your query parameters incorrectly.
- Make sure that the parameter is enclosed by
""in the case of Block ID, IP, and ASN Organization, or by
''in the case of User Agent, Domain, and Path.
- Check that the parameter type is written in the correct format.
You can see the data for an empty field by searching for "null" in the specific field. The search results will display all the results with an empty value for the specified field.
The search parameters should be written as follows:
header reference: null
The data available in the Investigation tab is available for the last 14 days.
- If the current Time Range is less than 14 days, the Investigation page displays data from the same time rage (from the last hour to the last 14 days).
- If the current Time Range is more than 14 days of data, the Investigation tab displays data from the last 14 days.
- If no Time Range filter is set, the data displayed will be for the last 14 days.
To refine the data presented in the Investigation:
- Set the filters. The filters in the Investigation tab work the same way as in the Dashboard. However, the filters that you set in the Dashboard are not always applied to the data in Investigation. If you navigated to Investigation by way of a Search, the search parameters and dashboard filters are applied to the data presented in Investigation. If you navigated to the Investigation page independently of a search, the Dashboard filters are not applied to the data in the Investigation page.
- Search. To locate specific information in Investigation, enter the query parameters in Search.
- You can also click on a specific ASN Organization, User Agent, or IP to search for that specific entity, add the entity to your search, or allow or deny the entity.
- The Analyzer tab gives you an detailed view of the data generated in your search.
- The Forensics tab presents the Activities Timeline table of raw data relevant to the search parameters.
If you are still having trouble finding what you are looking for, click Let us help you at the bottom of the Investigation page, and fill in the pop-up form. The date range cannot be changed in the pop-up form.
If you enter at least one Block ID in the Investigation Search Bar, and click GO, the Clear Block ID button appears. Clicking the Clear Block ID opens a pop-up.
- In the pop-up you can select the Block ID (or portion of) that you wish to clear, and for how long to clear it. Confirm that you are sure that you want to clear the selected Block ID.
- Click Cancel in the confirmation pane to return to the selection pane. The Block ID is cleared after you click Confirm
Note that a Block ID can only be released within 24h of the initial block.
You can manage the raw data presented in the Activity Timeline. To access the list of all the fields, click the pencil on the left of the Activity Timeline table.
You can download the data from the Activity Timeline as a CSV file of up to 60K rows of data. You can export up to 5 CSV files.