In the Malware Information Sharing Platform (MISP), tags are a pivotal feature that allows for easier categorization and identification of events, attributes, and even other tags. They provide a simple and quick way to group related items, enabling users to filter and search effectively.
Step One: Navigating to the Tags Interface
First, log into your MISP account and navigate to the “Event Actions” tab located at the top of your dashboard. From the dropdown menu, select “List Tags”. This will lead you to the Tags interface where you can see a list of existing tags.
Step Two: Adding a New Tag
Next, locate the “Add Tag” button on the top left corner of the Tags interface. Clicking on this will open up a new form, where you’ll input the details of your new tag.
Step Three: Filling in Tag Details
In the form, you’ll see several fields, such as:
- Name: This is where you specify the name of the tag. Choose a name that accurately describes the events or attributes you will be tagging.
- Colour: This allows you to associate a color with your tag for easy identification. Click on the color box and select your desired color from the palette.
- Exportable: This checkbox determines whether or not the tag will be included when events are shared or exported. Tick the box if you want the tag to be exportable.
Step Four: Saving Your Tag
Once you’ve filled in the details, click on the “Add” button at the bottom of the form. This will save your tag, and you can start using it to label events and attributes.
Using the Tags
To use your new tag, go to the event or attribute you want to tag and click on the ‘tag’ icon. From the dropdown list, select the tag you just created. Click ‘Add’, and your tag will be attached to the event or attribute.
