ITarian Help

Find the desired product help

SOCaaP

SOCaaP

Version 2.2

English

Print Help
SOCaaP SIEM > Lists > Manage Live List Content
  • Introduction
    • Logging-in To The SOCaaP Console
  • Dashboard Overview
    • Summary
    • Alerts, Incidents And Website Vulnerabilities
    • Customer Health
  • SOCaaP Alerts/Escalations
    • Log-in To The Admin Console
    • The Home Screen
    • Service Summary
    • Incidents Overview
      • Incidents
      • Threat Summary
    • Log Collection Summary
    • Threat Communication Graph
    • Tickets
    • Reports
    • Notification Settings
    • Integrate Your Office 365 Account With SOCaaP
  • SOCaaP SIEM
    • Log-in To The Admin Console
    • The Main Interface
    • The Dashboard
    • Customer Asset Management
      • Add Customers
      • Add Assets For Monitoring
        • Hard Assets
        • Soft Assets
      • Configure Nxlog And Rsyslog To Send Logs To SOCaaP Server
      • Edit Customers
    • Query Management
      • Configure Event Queries
      • Long Term Analysis
      • Configure Custom Dashboards
      • Event Field Selection Settings
    • Manage Rules
      • Manage Correlation Rules
      • Manage Tagged Rules
      • Manage Aggregation Rules
    • Incidents
      • Manage Incidents
      • Incident Category Management
      • Category Action Management
    • Lists
      • Manage Live Lists
      • Manage Live List Content
      • Manage Range List Content
      • Manage IP Range List Content
      • Manage Multiple Column List Content
    • Manage Reports
    • Administration
      • Event Collection
      • Phantom Settings
      • Manage Users
    • Appendix 1 – Field Groups And Event Items Description
    • Appendix 2 – SOCaaP Supported Logs
  • SOCaaP Web Protection
    • Add Websites
    • The Main Interface
    • The Dashboard
    • Website Data And Settings
      • Website Overview
      • Security Scans
        • Website Scans
        • Website Files Security Scans
          • Malware Scan Settings
            • Automatic Configuration
            • Manual Configuration
          • Run A Scan And View Results
          • Notifications, Malware Removal And Scheduled Scans
        • Vulnerability Scans
          • CMS Vulnerability Scans
          • OWASP Top 10 Vulnerability Scans
      • Content Delivery Network
        • Activate CDN For A Website
        • CDN Settings
        • View CDN Metrics
      • Firewall
        • WAF Statistics
        • WAF Events
        • Configure WAF Policies
        • Manage Custom Firewall Rules
      • SSL Configuration
      • DNS Configuration
      • Add Trust Seal To Your Websites
      • Back Up Your Website
        • Backup Settings
        • On-Demand Backup
        • View Backup Records And File Statistics
        • Restore And Download Website Files
        • Delete Backups
    • Manage Your Profile
  • Sensor Installation
    • Requirements
    • (Option 1) Create Installation Media
    • (Option 2) Deploy Virtual Machine Environment
      • Create A New Virtual Machine
      • Configure Memory Size
      • Configure Hard Disk
      • View VM Summary
      • Configure Network Settings
      • Select VM Startup Disk
    • Sensor Installation Steps
    • Sensor Configuration Steps
      • Login To The Web Portal
      • User Settings
      • Configure Network
      • Configure Timezone
      • Key Activation
      • (Optional) Valkyrie Key Verdict
      • (Optional) Forward Log
  • Frequently Asked Questions
  • About ITarian Security Solutions

Manage Live List Content

 

The values for a live list can be populated in two ways

  • Manually added to the list.

  • Fed from a correlation rule. Rules that identify specific events can be configured to feed values to a live list from those events. See List Mappings in Manage Correlation Rules.

This section explains how to manually add values to lists and manage existing values. The 'Live List Content Management' interface allows you to view values added to all or selected lists, manually add new values, edit existing values and remove values from a list.


To open the 'Live List Content Management' interface

  • Click the 'Menu' button from the top right, choose 'Lists' and then click 'Live List Content Management'.



By default, the live 'List Contents' table shows the values added to all the live lists. You can filter the table to view the values added to a specific list using the filter options from the top.


Live List Contents Table – Column Descriptions

Column Header

Description

Value

Displays the value added to a list.

List

Displays the Live List to which the value belongs.

Type

Displays the type of the Live List, to which the value belongs.

Customer

Displays the customer to which the value is applicable.

Due Date

Indicates date and time till which the value is valid in the list. On lapse of the due date, the value will be automatically removed from the list.

Last Update Time

Date and time the Live List was last updated.


Sorting and Filtering Options:

  • Clicking on any of the table header sorts the items in alphabetical/ascending/descending order
  • To filter values for a specific customer, choose the customer from the 'Customer' drop-down and click 'Search'.
  • To view values that belong to a specific live list, choose the list from the 'List' drop-down and click 'Search'.
  • To view values that belong to a specific live list type, select the list from the 'List' drop-down, then choose the type from the 'Type' drop-down and click 'Search'.
The interface allows you to:
  • Manually add values to live lists
  • Import values to a live lists
  • Export values to a live lists
  • Edit existing values in a list
  • Remove values from a list

To manually enter a value to a list

  • Click the 'Add' button at the bottom right of the 'Live List Content Management' interface.

The 'List Content Add' dialog will appear.




  • Select the Live List and the list type to which the value is to be added, from the respective drop-downs under 'List Management'. See 'Create new live list' in 'Manage Live Lists' for details about creating new live lists'.
  • Enter the value for the field defined for the live list in the 'Value' field.
  • Enter the date till which the value is valid in the 'Due Date' field.
  • Click the calendar icon at the left of the field and choose the date.
  • On the specified date, the value will be automatically removed from the list. Select the 'Permanent' option if you want the value to be valid forever.
  • Select the customer to which the value should apply from the 'Customer' drop-down.
  • Click 'Submit'.

The value will be added to the selected list type.

  • Repeat the process for adding more values to the list.

You can click 'Upload File' management.


To Import values to a live list 

  • Click the 'Menu' button at top right > choose 'Lists'
  • Click 'Live List Content Management'
  • Select the list to which you want to import values then click the 'Import' button 



The 'Import List Content' screen will open:


 

     
  • 'Due Date' – Date at which the list values will expire and will no longer be active. 
  • Select the customer for whom you want to import live list values
  • Click 'Import' to upload the file

Please note that you can upload only one list in a file.


To Export values to a live list

  • Select the live list and then click 'Export' button



  • The 'Export' screen will open.



The 'Export' screen will open. Since all imported lists can be exported in a single attempt, you need to choose to

  • Select 'Values Only' option to enable export
  • Click 'Ok' to upload the file

Please note that you can upload only one list in a file.


To edit an existing value in a list

  • Select the live list and choose the type from the 'List' and 'Type' drop-downs respectively at the top of the 'Live List Content Management' interface and click 'Search', to view only the values added to the required 'Live List'/'Type'.
  • Select the value and click the 'Edit' button  at the bottom right of the interface.

The 'List Content Edit' dialog will appear for the chosen value. The dialog is similar to the 'List Content Add' dialog. See above for more details.




  • Edit the details as required and click 'Submit'.

The value will be edited and will take immediate effect on the event queries and correlation rules in which the live list is used.


To remove a value from a list

  • Select the live list from the 'Live List Content' interface
  • Select the value and click the 'Delete' button  at the bottom right of the interface.

A confirmation dialog will appear.




  • Click 'Yes' to confirm the removal.

The list will be updated with the removal of the value. The change will take effect immediately in event queries and correlation rules which use the list.

Comodo Help
  • IT Platform:
  • Help
  • Scripts
  • Wiki
  • Forum
  • Developer
  • RMM
  • Patch Management
  • Service Desk
  • ITSM
  • Managed Service Provider
  • Managed Detection and Response
  • Ticketing System
  • Helpdesk
  • ITIL

Copyright 2025 Itarian