Supported Cortex XSOAR versions: 5.5.0 and later.

Use the premium API capabilities of VirusTotal to analyze retro hunts, read live hunt notifications, and download files from VirusTotal. The differences between VirusTotal's Public API and Premium API can be found in the VirusTotal v3 API documentation. This integration was integrated and tested with VirusTotal - Premium (API v3).

Use Cases

- Fetch live hunt notifications as incidents.
- Use retro hunt to analyze files with custom YARA rule.
- Download suspicious files from VirusTotal for further analysis.
- Group several files from VirusTotal into a password-protected ZIP file.
- Get a PCAP file generated from VirusTotal's sandbox for further analysis.

Configure VirusTotal - Premium (API v3) on Cortex XSOAR

1. Navigate to Settings > Integrations > Servers & Services.
2. Search for VirusTotal - Premium (API v3).
3. Click Add instance to create and configure a new integration instance.

   Parameter

   - Your API key can be found in your VirusTotal account user menu. Your API key carries all your privileges, so keep it secure and don't share it with anyone.
   - First fetch timestamp (, e.g., 12 hours, 7 days) or a date or epoch timestamp.
   - Tag: The ruleset's name or the identifier for the YARA rule matching the file to fetch its notifications. Leave blank to fetch all.

4. Click Test to validate the URLs, token, and connection.

Fetch Incidents

Fetch incidents will fetch livehunt notifications of the given ruleset or identifier. As an example, you can fetch incidents that were created by the CyberGate ruleset by using the "cybergate" tag.