Hello All,
I have been trying to create custom queries in Sophos Central for finding IoCs (SHA1 and SHA256).
Can you please help me build query for the same?
Regards,
Jenil
This thread was automatically locked due to age.
Hello All,
I have been trying to create custom queries in Sophos Central for finding IoCs (SHA1 and SHA256).
Can you please help me build query for the same?
Regards,
Jenil
Hi Jenil,
I suggest checking the following request we've received previously, as this should give you a good starting place to create this query.
- Live Discover and Response Query Forum > Threat Hunting
Checking the following documentation, it looks like the "pathname" column has been depreciated. You can instead use "path"
- docs.sophos.com/.../index.html