When a file is manually uploaded in Enterprise Security(ES), you can (and have to) define File Name, File to be uploaded, Weight, Threat Category, Threat Group, the option to Overwrite and the option to Sinkhole the file.
In our case I would not like to keep the file, just use the data for 24h so I will be selecting to Sinkhole it yet I am not sure how to configure data expiration. When a feed is configured in Threat Intelligence Downloads an expiration field is available, yet not the case here.
Thank you in advance.
N
... View more