OpenCTI#
OpenCTI_SearchObservable#
Author: ANSSI
License: AGPL-V3
Version: 1.0
Supported observables types:
- domain
- ip
- url
- fqdn
- uri_path
- user-agent
- hash
- mail
- mail_subject
- registry
- regexp
- other
- filename
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A
Description#
Query multiple OpenCTI instances for an observable.
Configuration#
| name | Name of OpenCTI servers |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | True |
| Is required | False |
| url | URL of OpenCTI servers |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | True |
| Is required | True |
| key | API key for each server |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | True |
| Is required | True |
| cert_check | Verify server certificate |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | boolean |
| The configuration item can contain multiple values | False |
| Is required | True |
Templates samples for TheHive#
No template samples to display.
Last update: October 16, 2020 10:16:05