Vai al contenuto principale
POST
/
api
/
v1
/
v-ciso
/
incidents
/
{organizationid}
/
threat-intel
Enrich incident with threat intelligence
curl --request POST \
  --url https://app.aegister.com/api/v1/v-ciso/incidents/{organizationid}/threat-intel \
  --header 'Content-Type: application/json' \
  --header 'X-Aegister-Token: <api-key>' \
  --data '
{
  "indicators": [
    {}
  ]
}
'
{
  "error": 0,
  "messages": "<array>",
  "total": 1,
  "data": [
    {
      "type": "<string>",
      "value": "<string>",
      "threat_intel": {
        "crime_score": 123,
        "country": "<string>",
        "organization": "<string>",
        "is_malicious": true,
        "threat_types": [
          "<string>"
        ]
      }
    }
  ]
}

Autorizzazioni

X-Aegister-Token
string
header
obbligatorio

Parametri del percorso

organizationid
integer
obbligatorio

Corpo

indicators
object[]
obbligatorio

List of indicators to look up. Each item should have 'type' (ip, domain, url, hash) and 'value'.

Risposta

error
integer

Any value different from 0 indicates an error.
More details can be found in messages.

Intervallo richiesto: 0 <= x <= 0
Esempio:

0

messages
array

If error is 1, contains zero or more details on the error.

Esempio:
[]
total
number

Total number of items that meet the list filter.
This doesn't represent the number of items inside the data array.

Intervallo richiesto: x >= 0
Esempi:

20

30

40

data
object[]