# Keywords

Keywords are a first filter to determine if an Event is relevant for you. For every Company Cluster you create, Liberty91 creates dozens of complex, security specific [regex](https://regexlearn.com/) keywords that do a lot of the monitoring for you. You don't have to worry about them at all. Just know they exist. You can view them under [the 'Keywords' menu](https://platform.liberty91.com/disco/keyword/create/) in the sidebar (you may have to scroll down a little bit). 

<figure><img src="/files/6e36MaeXWmM0oX86Pj67" alt="" width="563"><figcaption><p>having hundreds of complex regex keywords is not uncommon</p></figcaption></figure>

Keywords have a description and a value (often a [regex](https://regexlearn.com/)). The value is what is used for the monitoring, and the description is what you will see in the 'tag' on your dashboards. If any of those keywords is too noisy, you can simply delete it here as well.

{% hint style="warning" %}
Be careful with acronyms or high-frequency, generic keywords. a set of keywords around 'google', for example is likely going to be very noisy.
{% endhint %}

Keywords pop-up on your dashboards and in your morning reports if they match with an event. They show as grey tags, which lets you know that these assets are mentioned, and in what context.

<figure><img src="/files/Gc14Vvqe29aRngO8MXLI" alt="" width="370"><figcaption><p>although not obvious from the title, this event talks about WordPress and FileZilla in a security context</p></figcaption></figure>

In any cluster, you can bulk-create more of those complex regexes, by just providing a keyword. For example: if you have a region-cluster for 'The Netherlands', you may want to add 'Holland'-keywords as well. This makes sure you capture all events that mention the country in a security context.&#x20;

<figure><img src="/files/QpH5RuWw1OI09HBjMP1I" alt="" width="300"><figcaption><p>this action will add approx. 26 complex regexes around the keyword 'down under' to the Australia cluster</p></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.liberty91.com/the-threat-library/keywords.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.