Page tree

Contents

Provides a list of reported threats associated with the indicator from the Cloud Services Portal.

Data Structure:

{
 “dropped_count”: integer, 
 “max_request_count”: integer,
 “record_count”: integer, 
 “threat”: [
   {
    “batch_id”: string, 
     “class”: string, 
    “detected”: string, 
    “domain”: string, 
    “host”: string,
    “id”: string, 
    “imported”: string, 
    “ip”: string, 
    “origin”: string, 
    “profile”: string, 
    “property”: string, 
    “received”: string,  
    “target”: string,
    “threat_level”: integer, 
    “tld”: string,
    “tlp”: string, 
    “type”: string, 
    “up”: string,
    “url”: string,
    “extended”: { 
      “url_hash”: string
    }
   },
   …
  ]
 }

Example:

When given an indicator of “moiparks.in”, ATP will return

{
 "dropped_count": 0,
 "max_requested_count": "50",
 "record_count": 6, 
 "threat": [
   {
    "batch_id": "c60fb776-a5f8-11e6-898a-95226fae6af8", 
    "class": "Policy",
    "detected": "2016-11-03T22:17:26.000Z",
    "dga": "false",
    "domain": "moiparks.in",
    "expiration": "2016-12-03T22:17:26.000Z",
    "host": "moiparks.in",
   "id": "c6129e0b-a5f8-11e6-898a-95226fae6af8", 
    "imported": "2016-11-08T21:17:37.479Z",
    "ip": "",
    "origin": "",
    "profile": "AIS-FEDGOV",
    "property": "Policy_NCCICwatchlist", 
    "received": "2016-11-08T21:17:37.479Z",
    "target": "", 
    "threat_level": 100, "tld": "in",
    "tlp": "",
    "type": "HOST",
    "up": "true",
    "url": ""
   }, 
… ] }


Click here to return to the Infoblox Dossier User Guide main page.

  • No labels

This page has no comments.