# Search Results

Once a <mark style="color:green;">hunt query</mark> is executed, the <mark style="color:green;">**Results**</mark> page displays all matched threat intelligence entries based on the selected indicator and search term. The returned findings are enriched with metadata to support prioritization and further investigation.

Each result represents a correlated threat signal found within the Inopli DRP database or across integrated external sources. The system aggregates and categorizes findings to streamline triage and decision-making.

***

### Result Summary Overview

At the top of the Results screen, summary indicators are displayed:

* <mark style="color:green;">**Total Results**</mark> – Total number of matching threat records
* <mark style="color:green;">**Search Time**</mark> – Time taken to complete the query (in milliseconds)
* <mark style="color:green;">**Search Term**</mark> – The query string used during the hunt

***

### Result Table Fields

Each result row contains:

* <mark style="color:green;">**ID**</mark> – Unique incremental identifier for visual sorting
* <mark style="color:green;">**Category**</mark> – General threat category (e.g., Malware, Phishing, InfoStealer)
* <mark style="color:green;">**Type**</mark> – Specific sub-type within the category (e.g., Ransomware, Email, Domain)
* <mark style="color:green;">**Values**</mark> – IOC(s) matched against the hunt query (e.g., domain, email, hash)
* <mark style="color:green;">**Confidence**</mark> – Estimated confidence level (e.g., 85%) based on correlation signals and source reliability
* <mark style="color:green;">**UUID**</mark> – Internal unique identifier for traceability and pivoting
* <mark style="color:green;">**Threat Data**</mark> – Origin scope of the intelligence (e.g., Global, Regional, Tenant-based)

Each result can be expanded or clicked to view full details, including the source, enrichment layers, relationship graph, and timestamps.

<figure><img src="/files/Gt94hcB8R3GGRvVK1DxM" alt=""><figcaption></figcaption></figure>

All search results can be <mark style="color:green;">**exported**</mark> in multiple formats to support external analysis, reporting, or archival. Supported formats include <mark style="color:green;">**CSV**</mark> for structured data handling, <mark style="color:green;">**PDF**</mark> for static reporting, and <mark style="color:green;">**HTML**</mark> for easy sharing or offline review. Exports preserve metadata such as confidence level, threat category, and UUID for traceability.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.inopli.com/drp/hunt/search-results.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.