Skip to main content

ACTI Report Enrichment

This Playbook is part of the Accenture CTI v2 Pack.#

Deprecated

No available replacement.

  • NOTE: This playbook is deprecated.
  • This sub-playbook can be plugged into playbooks from other vendors in order to pull ACTI Intelligence Alerts & Intelligence Reports into an XSOAR incident.
  • This sub-playbook can be integrated into generic XSOAR playbooks and playbooks from other vendors by itself.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

  • ACTI Indicator Query

Scripts#

This playbook does not use any scripts.

Commands#

  • acti-getThreatIntelReport

Playbook Inputs#


NameDescriptionDefault ValueRequired
ia_uuidThe Intelligence Alert uuid.${intelligence_alerts}.NoneOptional
ir_uuidThe Intelligence Report uuid.${intelligence_reports}.NoneOptional
DomainThe extarcted Domain.${Domain}Optional
IPThe extracted IP.${IP}Optional
URLThe extracted URL.${URL}Optional

Playbook Outputs#


PathDescriptionType
IAIRunknown
DBotScoreunknown
Domainunknown
IPunknown
URLunknown

Playbook Image#


ACTI Report Enrichment