AbuseIPDB#
README
AbuseIPDB#
AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.
The analyzer comes in only one flavor.
Requirements#
You need a valid AbuseIPDB API integration subscription to use the analyzer:
- Provide your API key as a value for the
keyparameter. - Set the
daysparameter to limit temporal range in search
AbuseIPDB#
Author: Matteo Lodi
License: AGPL-v3
Version: 1.0
Supported observables types:
- ip
Registration required: True
Subscription required: True
Free subscription: True
Third party service: https://www.abuseipdb.com/
Description#
Determine whether an IP was reported or not as malicious by AbuseIPDB
Configuration#
| key | API key for AbuseIPDB |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| days | Check for IP Reports in the last X days |
|---|---|
| Default value if not configured | 30 |
| Type of the configuration item | number |
| The configuration item can contain multiple values | False |
| Is required | False |
Templates samples for TheHive#
Last update: November 15, 2021 06:39:11