CTAC Guide

Indices

All of the data sets have indices that can be selected to narrow the scope of queries and visualizations.

  • wl_botnet_tracker*

  • wl_breach_data*

  • wl_darkweb*

  • wl_darkweb_forum*

  • wl_darkweb_marketplace*

  • wl_darkweb_ransomware*

  • wl_keylogger_data*

  • wl_malicious_email*

  • wl_malicious_email_detections*

  • wl_malicious_emails*

  • wl_malicious_emails_context*

  • wl_open_cloud_*

  • wl_open_cloud_buckets*

  • wl_open_cloud_bucket_files*

  • wl_pastebin*

  • wl_sinkhole_traffic*

  • wl_source_code_secrets*

  • wl_threat_recon*

These indices can also be used to aggregate similar documents. For example, wl_darkweb* subsumes each of the three related document types describing different aspects of the dark web:

  • wl_darkweb_forum*

  • wl_darkweb_marketplace*

  • wl_darkweb_ransomware*

All indices are aggregated into a top-level index that can be selected to perform operations across all of the diverse Data Sets, Indices, and Document Types:

  • wl_*
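
The subsumption described above for wl_darkweb* and wl_* can be worked out for every pattern in the list. The following is an added example, not part of the CTAC guide: it assumes each pattern is a literal prefix followed by a single trailing `*` (the only form used on this page), and the helper function names are hypothetical.

```python
# Added example: index patterns copied from the list on this page.
PATTERNS = [
    "wl_botnet_tracker*", "wl_breach_data*", "wl_darkweb*",
    "wl_darkweb_forum*", "wl_darkweb_marketplace*", "wl_darkweb_ransomware*",
    "wl_keylogger_data*", "wl_malicious_email*",
    "wl_malicious_email_detections*", "wl_malicious_emails*",
    "wl_malicious_emails_context*", "wl_open_cloud_*",
    "wl_open_cloud_buckets*", "wl_open_cloud_bucket_files*",
    "wl_pastebin*", "wl_sinkhole_traffic*", "wl_source_code_secrets*",
    "wl_threat_recon*", "wl_*",
]

def prefix(pattern):
    """Literal part of a pattern whose only wildcard is one trailing '*'."""
    if not pattern.endswith("*") or "*" in pattern[:-1]:
        raise ValueError(f"not a trailing-wildcard pattern: {pattern}")
    return pattern[:-1]

def subsumes(broad, narrow):
    """True when every index name matched by `narrow` is also matched by `broad`."""
    return prefix(narrow).startswith(prefix(broad))

def covered_by(pattern, patterns=PATTERNS):
    """Other listed patterns whose matches are a subset of `pattern`'s matches."""
    return [p for p in patterns if p != pattern and subsumes(pattern, p)]

def parent(pattern, patterns=PATTERNS):
    """Narrowest other listed pattern that still subsumes `pattern` (None for the root)."""
    broader = [p for p in patterns if p != pattern and subsumes(p, pattern)]
    return max(broader, key=lambda p: len(prefix(p)), default=None)

def minimal_cover(selected):
    """Drop patterns already covered by another selected one, so a
    multi-pattern search does not list redundant targets."""
    return [p for p in selected
            if not any(q != p and subsumes(q, p) for q in selected)]

if __name__ == "__main__":
    for p in PATTERNS:
        print(f"{p:34} parent={parent(p)}")
```

Note that wl_malicious_email* also covers the wl_malicious_emails* patterns, while wl_open_cloud_buckets* does not cover wl_open_cloud_bucket_files*.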


Last updated 4 years ago