Assets and Observables

The Assets and Observables panel displays more information about the assets and observables seen in the current investigation.

Expand the Assets panel to view the total number and list of assets based on the most frequently seen to the least frequently seen in the investigation. Each asset is represented by a color-coded purple icon based on asset type, and includes the asset name, source, value, and labels.

List of 24 assets, including IP addresses like 6.90.18.192, from 39 total assets and observables.

Expand the Observables panel to view the total number and list of observables that were seen in the investigation. The (Investigated) icon and label display next to the observables that were included in the initial investigation; observables without this icon were added during the enrichment process.

List of 271 observables: domains, URLs, IP address, and file name. Two items are marked 'Investigated'.

Click the (Pivot Menu) icon next to an asset or observable to open the Pivot menu and view the verdicts for the asset, investigate it, create a judgment, or perform additional tasks by leveraging your integrated Cisco products.

The verdicts of an asset or observable are the most current, unexpired judgments with the highest priority. To view the verdicts of an asset or observable, click the (Pivot Menu) icon next to it. For more information, see Pivot Menu.

To investigate an asset or observable, click the (Pivot Menu) icon next to it and choose Investigate observable. For details, see Pivot Menu.The investigation begins and the results are displayed on the Investigation Results page. For more information, see Investigation Results.

To create a private judgment for an asset or observable and associate indicators, click the (Pivot Menu) icon next to it and choose Create Judgment. For more information, see the Create Private Judgment help topic.