# Hunting Settings All settings related to classification and threat intelligence synchronization are configured in this section. * **Classification Engine Settings**: This section allows users to change time intervals for data collection synchronization of classification rules. Users can configure the next run time for specific intervals. * **Threat Intel Artifact Sync Settings:** This section allows users to change time intervals for notification settings synchronizations, event log and sysmon rules synchronizations, Windows security controls synchronizations, threat intel artifact synchronization and asset categories synchronization. * **Threat Intel Rule Sync Settings**: This section allows users to change time intervals for threat intel rule synchronization, remediation function synchronization, Windows forensic(Yara Rules) analysis synchronization, Windows threat monitor rules synchronization, Windows object and honeypot access rules synchronization. * **Asset & Threat Analysis Settings**: This section allows users to change time intervals for threat detection rules and synchronization, Windows threat monitoring and asset health and threat analysis synchronization. * **Forensic Analysis Settings**: This section allows users to change time intervals for Windows forensics analysis settings. * **GRC Settings**: This section allows users to change time intervals for GRC settings. * **Security Control Synchronization Settings**: This section allows users to change time intervals for security control frameworks, benchmarks and control types synchronization settings. * **Windows Command Templates** **Synchronization Settings:** This section allows users to change the time interval for Windows command template synchronization. * **Agent & Sensor Settings**: This section allows users to edit agent and sensor settings by changing event log and sysmon settings, users can also change the default intervals for specific usage. * **Enrichment Settings**: This section allows users to enable/disable portal futures and change the artifact enrichment interval. It is recommended to leave it by the default values. * **Visualizer Queries**: This section allows users to create custom visualizer queries like powershell-cmd activities, RDP queries, sensitive commands, etc. For creating a new query, users have to assign a name, a description for exploration of the query, and a base query. Also, default queries can be cloned, edited, and deleted. * **Time-Based Analysis Queries**: This section allows users to create custom queries for time-based analysis. Once it is created, users can see the result by clicking the "Visualizer" button. Also, default queries can be cloned, edited, and deleted. * **External Exposure Settings:** This setting should not be changed and should be defined as it is. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cloudcyte.com/admin-guide/threat-hunting/hunting_settings.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.