Multi-select artifacts or attachments

Ability to multi-select attachments in order to download or delete, or perform other actions.

  • Guest
  • Feb 20 2019
  • Future consideration
  • Guest commented
    7 Apr 01:55pm

    Not having this functionality is causing us to create hacky ways to get around this that aren't straightforward for us or the incident response team using the platform.

    As others have mentioned there are many use cases for having actions on multiple artifacts. In my opinion this should be implemented as soon as possible.

  • Guest commented
    7 Nov, 2020 01:19am

    +1 on this. Super important to be able to manage multiple IOCs and run automation on them, rather than only one Artifact at a time or building a custom function to pull all Artifacts via API. It should be intuitive in the UI to select Artifacts and run a Menu Item rule on them.

  • Guest commented
    3 Nov, 2020 08:59am

    +1 on this. We would leverage the possibility of bulk download several attachments, instead of downloading each single attachment one-by-one.

  • Guest commented
    1 Sep, 2020 02:29pm

    +1 on this being needed. Here's another situation we'd use:

    We are limited to 5 concurrent FireEye HX enterprise searches. We want to add the ability to launch a FireEye HX enterprise search on artifacts, using the values as parameters for the search. Currently we'd have to launch one search per artifact. It would be great if there was functionality to select multiple artifacts and launch an action on all of said artifacts. This way we could launch one enterprise search with whatever artifacts the analyst wanted to search for.

    I think this functionality would be useful beyond what was mentioned above.

  • Guest commented
    8 Jul, 2019 03:40pm

    This should be prioritized, and seems like it should be a basic necessity. Bulk managing IOCs without this ability is nearly impossible.


    Examples include blocking many URLs, banning hashes, adding IPs to a SIEM reference set, sending multiple attachments for file analysis, etc.