Skip to main content

PANW Threat Vault - Signature Search

This Playbook is part of the Threat Vault by Palo Alto Networks Pack.#


No available replacement.

Initiates a Signature Search in Palo Alto Networks threat Vault.


This playbook uses the following sub-playbooks, integrations, and scripts.


  • GenericPolling


  • Threat_Vault


This playbook does not use any scripts.


  • threatvault-antivirus-signature-search
  • threatvault-dns-signature-search
  • threatvault-antispyware-signature-search
  • threatvault-signature-search-results

Playbook Inputs#

NameDescriptionDefault ValueRequired
signature_nameSignature name to search.Optional
domain_nameDomain name to search.Optional
vendorVendor name to search.Optional
cveCVE name to search.Optional
fromFrom which signature to return results(used for paging). Default is 0.0Optional
toTo which signature to return results. Default is from plus 10.10Optional
search_typeSearch type. ips for antispyware, dns for DNS and panav for antivirus.Required

Playbook Outputs#

ThreatVault.Search.search_request_idSearch request ID.String
ThreatVault.Search.statusSearch status.String
ThreatVault.Search.page_countHow many results returned in this specific search.Number
ThreatVault.Search.total_countHow many results are available for this specific search.Number
ThreatVault.Search.search_typeSearch type. can be wither ips, dns or panav.String
ThreatVault.Search.signaturesA list of all the found signatures for this specific search.Unknown