Data Threat API calls are used to search for threat indicators. Submitted threat indicators are also available for the search. The resulting dataset can be formatted in JSON, XML, STIX, CSV, TSV, PSV, and CEF.
The threat indicators can be used by 3rd party solutions, e.g. with Palo Alto NGFW (please check the Infoblox TIDE feeds
into Palo Alto Networks Firewalls deployment guide (PDF) for more information on post-processing.
It is highly recommended to limit the amount of retrieving data by applying filters. The table below contains sample requests using the CURL command.
|CURL Command Requests|
|curl “” -u [YOUR_API_KEY]:||1000 threat indicators in CSV format which were added after 2017-06-04 GMT (Date/Time is in ISO 8601 format) by Infoblox and are not DGA|
|curl “” -u [YOUR_API_KEY]:||All currently active hostname threats detected by Infoblox|
|curl “period=30min&data_format=json” -u [YOUR_API_KEY]:||Infoblox-sourced hostnames for the past 30 minutes|
|curl “period=1w&data_format=csv ” -u [YOUR_API_KEY]:||iSight Partners and DHS AIS IPs for the past week, in CSV format|
This page has no comments.