Current ThreatQ Version Filter
About Building Searches with Filter Sets
Filter Sets allow you to create multiple sets of filters that can be applied to the threat library at the same time using AND/OR logic. You can also save your Filter Sets using the Save Search option - see the Saving Searches section in the About Managing Search Results topic for more details.
Adding Filter Sets
- Use the NOT checkbox to determine if the filters in the initial filter set will be used to include or exclude Threat Library objects.
- Select one or more filters for the search.
You can use the search box provided at the top of the filters dropdown to narrow down the list of available filters.
- Click on Add Another Filter Set.
A new Filter Set table will load below the first set.
- Use the Not checkbox to determine if the filters in the new filter set will be used to include or exclude Threat Library objects.
- Use the Filters dropdown next to the new filter set to add filters.
- Click on the And/Or dropdown to set the And/Or logic for the Filter Sets. See the And/Or Order of Operations topic for more details.
Repeat steps 3-6 to add additional filter sets.
Deleting Filter Sets
Deleting a Filter Set removes it from the search results and cannot be undone.
- Click on the delete
icon located next to the right of the Filters dropdown.
You can click on Clear Filters, located above the filter sets, to remove all filter sets from the current search.
And/Or Order of Operations
Filter Set AND/OR logic follows the standard mathematical order of operations with ANDs being executed before ORs. The table below provides different scenarios and examples for Filter Sets.
| Scenario | Order | Example |
|---|---|---|
| Single AND | Filter 1 AND Filter 2 |  |
| Single OR | Filter 1 OR Filter 2 |  |
| Single AND, Single OR | (Filter 1 AND Filter 2) OR Filter 3 |  |
| Multiple ANDs, Single OR | (Filter 1 AND Filter 2 AND Filter 3) OR Filter 4 |  |
| Multiple ANDs, Multiple ORs | (Filter 1 AND Filter 2) OR (Filter 3 AND Filter 4) |  |