Query Details

Parse Anomali Confidence Score

Query

//Parses out the confidence score for the Anomali feeds

ThreatIntelligenceIndicator
| parse-where ThreatType with * "confidence-" Confidence_Score
| project NetworkIP, ThreatType, Confidence_Score, SourceSystem

Explanation

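This query extracts the confidence score that follows the text "confidence-" in the ThreatType field of Anomali feed indicators and displays the network IP, threat type, confidence score, and source system. Because it uses parse-where, indicators whose ThreatType does not match that pattern are left out of the results.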
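An added example, not part of the original query page: the same parse-where pattern run against a constructed datatable, so its behaviour can be checked without Anomali data in the workspace. The SampleIndicators name and the ThreatType strings are assumptions made for illustration, and the :int annotation is an addition so the score sorts numerically.

```kql
// Constructed sample rows; the ThreatType strings are assumed for illustration
// and are not taken from a real Anomali feed.
let SampleIndicators = datatable(NetworkIP:string, ThreatType:string, SourceSystem:string)
[
    "203.0.113.10", "c2-confidence-92",      "SampleFeed",
    "198.51.100.7", "scanner-confidence-40", "SampleFeed",
    "192.0.2.55",   "botnet",                "SampleFeed"   // no "confidence-" text
];
SampleIndicators
// Keep only rows that match the pattern and capture the score as an integer
| parse-where ThreatType with * "confidence-" Confidence_Score:int
| project NetworkIP, ThreatType, Confidence_Score, SourceSystem
| order by Confidence_Score desc
```

The row whose ThreatType lacks "confidence-" is absent from the output; swapping parse-where for parse would keep it with an empty Confidence_Score instead.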

Details

Rod Trent

Released: August 26, 2021

Tables

ThreatIntelligenceIndicator

Keywords

ThreatIntelligenceIndicator,Confidence_Score,NetworkIP,ThreatType,SourceSystem

Operators

parse-where, with, *, project