AbuseIPDB#
README
AbuseIPDB#
AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.
The analyzer comes in only one flavor.
Requirements#
You need a valid AbuseIPDB API integration subscription to use the analyzer:
- Provide your API key as a value for the
keyparameter. - Set the
daysparameter to limit temporal range in search
AbuseIPDB#
Author: Matteo Lodi; Fabien Bloume, StrangeBee
License: AGPL-v3
Version: 1.1
Supported observables types:
- ip
Registration required: True
Subscription required: True
Free subscription: True
Third party service: https://www.abuseipdb.com/
Description#
Checks an IP against AbuseIPDB for abuse score, categories, and recent reports.
Configuration#
| key | API key for AbuseIPDB |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| days | Check for IP Reports in the last X days |
|---|---|
| Default value if not configured | 30 |
| Type of the configuration item | number |
| The configuration item can contain multiple values | False |
| Is required | False |
Templates samples for TheHive#
