Search Indicators
TruStar.search_indicators(search_term=None, enclave_ids=None, from_time=None, to_time=None, indicator_types=None, tags=None, excluded_tags=None)
Uses the search_indicators_page method to create a generator that returns each successive indicator.
Parameters:
- search_term (str) – The term to search for. If empty, no search term will be applied. Otherwise, must be at least 3 characters.
- enclave_ids (list(str)) – list of enclave ids used to restrict indicators to specific enclaves (optional - by default indicators from all of the user’s enclaves are returned)
- from_time (int) – start of time window in milliseconds since epoch (optional)
- to_time (int) – end of time window in milliseconds since epoch (optional)
- indicator_types (list(str)) – a list of indicator types to filter by (optional)
- tags (list(str)) – Name (or list of names) of tag(s) to filter indicators by. Only indicators containing ALL of these tags will be returned. (optional)
- excluded_tags (list(str)) – Indicators containing ANY of these tags will be excluded from the results.
Returns: The generator.
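
The following usage sketch is an added example, not code from the TruSTAR SDK or its documentation. It validates the search term, converts timezone-aware datetimes to the millisecond timestamps that from_time and to_time expect, and reads a bounded number of results from the generator. The helper names (to_epoch_ms, build_search_kwargs, collect_indicators) and the StubClient class are hypothetical; client is assumed to be any object exposing search_indicators with the signature documented above.

```python
from itertools import islice


def to_epoch_ms(dt):
    """from_time/to_time are milliseconds since epoch, not seconds."""
    if dt.tzinfo is None:
        raise ValueError("use a timezone-aware datetime")
    return int(dt.timestamp() * 1000)


def _as_list(value):
    """Accept one name or a list of names; return a list or None."""
    if not value:
        return None
    return [value] if isinstance(value, str) else list(value)


def build_search_kwargs(search_term=None, start=None, end=None, enclave_ids=None,
                        indicator_types=None, tags=None, excluded_tags=None):
    """Validate the inputs and map them onto search_indicators' parameters."""
    term = (search_term or "").strip() or None  # empty: no term applied
    if term is not None and len(term) < 3:
        raise ValueError("search_term must be at least 3 characters")
    if start and end and start >= end:
        raise ValueError("start must be earlier than end")
    return {
        "search_term": term,
        "enclave_ids": _as_list(enclave_ids),
        "from_time": to_epoch_ms(start) if start else None,
        "to_time": to_epoch_ms(end) if end else None,
        "indicator_types": _as_list(indicator_types),
        "tags": _as_list(tags),                    # ALL must be present
        "excluded_tags": _as_list(excluded_tags),  # ANY one excludes
    }


def collect_indicators(client, limit=1000, **criteria):
    """Pull at most `limit` items from the generator instead of draining it."""
    kwargs = build_search_kwargs(**criteria)
    return list(islice(client.search_indicators(**kwargs), limit))


class StubClient:
    """Constructed stand-in for a TruStar client so the example runs offline."""
    def search_indicators(self, **kwargs):
        self.last_kwargs = kwargs
        yield from ("198.51.100.7", "203.0.113.9", "192.0.2.44")  # sample values
```

With the SDK installed, pass a configured TruStar instance as client in place of StubClient.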