Section name.
General: General metadata about NIDS.

AlienVault.getIndicatorForCorrelationRules

Section name.
General: MITRE CVE data (CPEs, CWEs, etc.), any pulses this indicator is on, list of the other sections currently available for this URL.

Indicator page API for CVEs (MITRE’s Common Vulnerability Enumeration).

url_list: Full results (potentially multiple) from AlienVault Labs URL analysis.
general: Historical geographic info, any pulses this indicator is on, list of the other sections currently available for this URL.

analysis: Dynamic and static analysis of this file (Cuckoo analysis, exiftool, etc.).
general: General metadata about the file hash, and a list of the other sections currently available for this hash.

Indicator page API for files (file hashes).

Indicator page API for hostnames.
Example hostnames: ‘ ’, ‘ ’, ‘ .uk’.

Section name (one of general, geo, malware, urlList, passiveDns, whois).

Indicator page API for domain names.
Example domains: ‘ ’, ‘ ’.

passiveDns: Passive DNS information about hostnames/domains observed by AlienVault Labs pointing to this IP address.

Example: api/v1/indicators/IPv4/8.8.8.8/general

urlList: URLs analyzed by AlienVault Labs which point to or are somehow associated with this IP address.
malware: Malware samples analyzed by AlienVault Labs which have been observed connecting to this IP address.
geo: A more verbose listing of geographic data (country code, coordinates, etc.).
reputation: OTX data on malicious activity observed by AlienVault Labs (IP Reputation).
general: General information about the IP, such as geo data, and a list of the other sections currently available for this IP address.

Section name (one of general, reputation, geo, malware, urlList, passiveDns).

Only include pulses modified more recently than a specific time.

Field

Comma separated list of indicator types to limit results to.

String which includes latitude and longitude, comma separated.

Export indicators for pulses in your pulse subscriptions.