Skip to main content

Cyware Threat Intelligence eXchange

View Threat Data Activity Timeline

The threat data activity timeline shows you the complete history of indicators in Intel Exchange. The timeline gives you information on all aspects of indicators and the actions performed on them such as:

  • Added to or removed from the watchlist

  • Added to or removed from allowed indicators

  • Added or removed from ignored third-party indicators

  • Marked as revoke

  • Calculated confidence score

  • Marked or unmarked as deprecated

  • Marked or unmarked for manual review

  • Marked or unmarked as a false positive

  • Added or removed tags

  • Actions passed by CTIX rules

  • Updated TLP

  • Received data from tools, sources, or subscribers

  • Updated risk severity

  • Updated analyst description

  • Updated custom score

To view the activity timeline for indicators:

  1. Go to Main Menu > Collection > Threat Data.

  2. Select an indicator to view the details.

    Important

    You can view the timeline only for indicators.

  3. Click Timeline. Total Lifetime shows the overall duration the indicator was present in Intel Exchange.

You can view the date and time when the action was performed on the indicator.

Unable to view activity timeline?

During periods of heavy feed polling from various sources, there may be a delay in displaying the timeline. We recommend waiting for a while and then reloading the page.