VirusTotal Livehunt Feed
VirusTotal Pack.#
This Integration is part of theSupported versions
Supported Cortex XSOAR versions: 5.5.0 and later.
Use the VirusTotal Livehunt Feed integration to fetch indicators from Livehunt rules or rulesets.
#
Configure VirusTotal Livehunt Feed in CortexParameter | Description | Required |
---|---|---|
feed | The fetch indicators. | False |
api_key | API Key. | True |
filter | Exact name of the rule or ruleset you want to filter on. Leave empty to receive all. | False |
feedReputation | The indicator reputation. | False |
feedReliability | The source's reliability. | True |
tlp_color | The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed. More information about the protocol can be found at https://us-cert.cisa.gov/tlp | False |
feedExpirationPolicy | The feed's expiration policy. | False |
feedFetchInterval | The feed fetch interval. | False |
feedBypassExclusionList | Whether to bypass exclusion list. | False |
#
Livehunt Feed infoBy default the Livehunt feed retrieve indicators based on all active rulesets in livehunt, you have the option to get indicators only from one rule or ruleset using the filter parameter.
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
Get IndicatorsGets the indicators from VirusTotal Livehunt.
#
Base Commandvt-livehunt-get-indicators
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximum number of indicators to return. The default value is 10 and max 40. | Optional |
filter | Exact name of the rule or ruleset you want to filter on. | Optional |
#
Context OutputThere is no context output for this command.
#
Command Example!vt-livehunt-get-indicators limit=1 filter=WannaCry_Ransomware
#
Human Readable Output#
Indicators from VirusTotal LivehuntSha256 | Detections | Filetype | Rulesetname | Rulename |
---|---|---|---|---|
f221425286c9073cbb2168f73120b6... | 59/69 | Win32 EXE | Wannacry Ransomware | WannaCry_Ransomware_Gen |
#
### vt-reset-fetch-indicators Demo VideoThis command will reset your fetch history.
#
Base Commandvt-reset-fetch-indicators
#
InputThere are no input arguments for this command.
#
Context OutputThere is no context output for this command.