noun
A suspicious indicator of a threat such as a URL, hash, or email address submitted to Threat Intelligence Management. You can automatically download observables from premium intelligence and open intelligence sources into Splunk KV stores and use them to alert against internal log events.
In Investigate and Respond to Threats in Splunk Mission Control: