You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
i imported a timeline into timesketch,
i filter by several time filters i know the attacker was on the system,
when i switch from saved search to another the filters disappear.
it would be great if i can save all those filters to use in a later queries without having to entering them again.
thanks
The text was updated successfully, but these errors were encountered:
Thanks for the input @hasamba
It is a great idea and I can see how this will help with the UX of the general analysis workflow. I'll get it on the roadmap 👍
first iteration: Have a list of last used time filters available for searches. e.g. in the search omnibox or when clicking the "Add timefilter" button as a quick selection.
This should the quite straightforward to implement, since we have the information already stored with the search history.
Something like this:
second iteration: Provide the option to manually save/favorite/star/mark a timefilter for later usage.
This should also be exposed via API so other tools like dftimewolf can set prepared timefilters based on information it gets from other places (e.g. a case management tool).
i imported a timeline into timesketch,
i filter by several time filters i know the attacker was on the system,
when i switch from saved search to another the filters disappear.
it would be great if i can save all those filters to use in a later queries without having to entering them again.
thanks
The text was updated successfully, but these errors were encountered: