Automated Sharing of Outbound Intelligence Records

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 1 Minute Lesedauer

    • Automated Outbound Intelligence Sharing enables the seamless and automatic distribution of intelligence records to external systems.

    Vorbereitungen

    Role required:
    • System Administrator (view, create or edit)
    • sn_sec_tisc.admin (view)

    Warum und wann dieser Vorgang ausgeführt wird

    The automated flow action creates an outbound intelligence sharing record with the specified records and processes them accordingly.

    Creating an outbound intelligence share record via automated process:

    Prozedur

    1. Navigate to All > Threat Intelligence Security Center > Administration.
    2. Select Automated Flows.
    3. Select Automated sharing of high-risk IOC's with trusted partners action link to view the respective rule details in the flow designer.
    4. View the flow designer action for the following triggers: 
      Daily at 12.00.00
Run every day once
    5. Go to Actions
      ActionDescription
      Select the Sharing Template Templates with a usage mode of both On-Demand and Automated Sharing, and Automated Sharing can be selected for Automated Sharing.
      List of Observables Select the type of observables record to add to an outbound intelligence record.
      List of Indicators Select the type of indicators to add to an outbound intelligence record.
      List of Objects Select the type of objects to add to an outbound intelligence record.
      Include Related Records Add the related records of the selected observables, including indicators and objects.
      Requires approval Select the check box that requires approval for the outbound intelligence record. Defining Approval Rule for Outbound Intel.
      Users assigned to approve requests Select the users responsible for reviewing and approving outbound intelligence sharing record. For more information, see Defining Approval Rule for Outbound Intel.
      Groups assigned to approve requests Select the groups responsible for reviewing and approving outbound intelligence sharing record. Defining Approval Rule for Outbound Intel.
    6. Select Done.

    Nächste Maßnahme

    Activate the flow. For more information on automated flows, see Automated sharing of high-risk IOC's with trusted partners.