Indicator Types - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Indicators are categorized by indicator type, which determines the indicator layout (fields) that are displayed and which scripts are run on indicators of that type. To view and customize indicator types, go to Settings → Configurations → Object Setup → Indicators → Types.

Indicator types include:

You can edit, create, export and import indicator types, disable and enable indicator types. For example, you may want to disable the File indicator and enable separate indicator types for File MD5, File SHA-1, etc. For more information, see File Indicators.