ThreatPinchLookup
GreyNoise.io Integration
Add API integration for GreyNoise.io. I used the wizard and believe that I got a good result, raw schema included below. Not sure if this is the correct way to share new integrations, the documentation mentioned creating a new issue to do so.
```json
{
  "lookupName": "GreyNoise",
  "lookupVariable": "GREYNOISE",
  "lookupType": "IPV4",
  "lookupUrl": "http://api.greynoise.io:8888/v1/query/ip",
  "httpHeaders": "",
  "httpType": "POST",
  "dataType": "JSON",
  "dataSchema": {
    "0_GreyNoise.io": {
      "title": "GreyNoise.io",
      "mapping": "${PINCH.LINKURL}",
      "order": 0,
      "linkTitle": "${PINCH.HOVERITEM}",
      "linkUrl": "https://www.google.com/search?q=${PINCH.HOVERITEM}"
    },
    "1_returned_count": {
      "title": "returned_count",
      "mapping": "${PINCH.RESPONSE.returned_count}",
      "order": 1
    },
    "2_name": {
      "title": "name",
      "mapping": "${PINCH.LOOP.name}",
      "order": 2,
      "jsonpath": "$.records[:10]",
      "jsonpathloop": true,
      "condition": "true"
    },
    "3_first_seen": {
      "title": "first_seen",
      "mapping": "${PINCH.LOOP.first_seen}",
      "order": 3,
      "jsonpath": "$.records[:10]",
      "jsonpathloop": true,
      "condition": "true"
    },
    "4_last_updated": {
      "title": "last_updated",
      "mapping": "${PINCH.LOOP.last_updated}",
      "order": 4,
      "jsonpath": "$.records[:10]",
      "jsonpathloop": true,
      "condition": "true"
    },
    "5_confidence": {
      "title": "confidence",
      "mapping": "${PINCH.LOOP.confidence}",
      "order": 5,
      "jsonpath": "$.records[:10]",
      "jsonpathloop": true,
      "condition": "true"
    },
    "6_intention": {
      "title": "intention",
      "mapping": "${PINCH.LOOP.intention}",
      "order": 6,
      "jsonpath": "$.records[:10]",
      "jsonpathloop": true,
      "condition": "true"
    },
    "7_category": {
      "title": "category",
      "mapping": "${PINCH.LOOP.category}",
      "order": 7,
      "jsonpath": "$.records[:10]",
      "jsonpathloop": true,
      "condition": "true"
    },
    "8_org": {
      "title": "org",
      "mapping": "${PINCH.LOOP.org}",
      "order": 8,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    },
    "9_rdns": {
      "title": "rdns",
      "mapping": "${PINCH.LOOP.rdns}",
      "order": 9,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    },
    "10_rdns_parent": {
      "title": "rdns_parent",
      "mapping": "${PINCH.LOOP.rdns_parent}",
      "order": 10,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    },
    "11_datacenter": {
      "title": "datacenter",
      "mapping": "${PINCH.LOOP.datacenter}",
      "order": 11,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    },
    "12_asn": {
      "title": "asn",
      "mapping": "${PINCH.LOOP.asn}",
      "order": 12,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    },
    "13_os": {
      "title": "os",
      "mapping": "${PINCH.LOOP.os}",
      "order": 13,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    },
    "14_link": {
      "title": "link",
      "mapping": "${PINCH.LOOP.link}",
      "order": 14,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    },
    "15_tor": {
      "title": "tor",
      "mapping": "${PINCH.LOOP.tor}",
      "order": 15,
      "jsonpath": "$.records[:10].metadata",
      "jsonpathloop": true,
      "condition": "true"
    }
  },
  "disabled": false,
  "iocs": true,
  "authorizationType": "DEFAULT",
  "requestGroup": "INTERNET",
  "httpPostData": "ip=${PINCH.HOVERITEM}",
  "excludePivots": [],
  "sample": "119.29.198.201",
  "order": 999999
}
```
Hi @co-devs,
Very cool, thanks for creating this. I was able to add it pretty easily and it looks to work great! I'll see about adding it the next time I push a release.
For future reference, on the settings page there is actually a "Share" button for all the API integrations, which will open a page that you can just copy the URL and share it with other people. If the integration has "User Defined" settings - such as API keys/passwords - these settings won't be shared, the person receiving the link will just need to add their own details to the user defined bits.
I totally missed that share button, thanks for the follow up!
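The Share button discussed above produces a `wizard.html` link whose `RL` parameter is the integration JSON, base64-encoded. The Node.js code below is an added example, not part of the thread or of ThreatPinch's own code: it decodes such a link and lists what to review before importing it, namely which hosts receive the hovered indicator and whether any URL is not HTTPS. The sample link is constructed from a trimmed copy of the config in this issue, with a placeholder extension ID.

```javascript
// Decode the RL parameter of a share link into the integration object.
function decodeShareLink(link) {
  const rl = new URL(link).searchParams.get('RL');
  if (!rl) throw new Error('no RL parameter in share link');
  // URLSearchParams turns "+" into a space; restore it before decoding.
  const json = Buffer.from(rl.replace(/ /g, '+'), 'base64').toString('utf8');
  return JSON.parse(json);
}

// Report, per URL template in the integration, whether it receives the
// hovered indicator (${PINCH.HOVERITEM}) and whether it uses plaintext HTTP.
function auditIntegration(cfg) {
  const findings = [];
  const templates = [['lookupUrl', cfg.lookupUrl]];
  for (const [key, field] of Object.entries(cfg.dataSchema || {})) {
    if (field.linkUrl) templates.push([`dataSchema.${key}.linkUrl`, field.linkUrl]);
  }
  // A POST body containing the indicator is sent to lookupUrl.
  const postsIoc = (cfg.httpPostData || '').includes('${PINCH.HOVERITEM}');
  for (const [where, tmpl] of templates) {
    let u;
    try { u = new URL(tmpl.replace(/\$\{[^}]*\}/g, 'X')); }
    catch { findings.push({ where, issue: 'unparseable URL' }); continue; }
    const getsIoc = tmpl.includes('${PINCH.HOVERITEM}') ||
      (where === 'lookupUrl' && postsIoc);
    if (getsIoc) findings.push({ where, issue: 'receives IOC', host: u.host });
    if (u.protocol !== 'https:') {
      findings.push({ where, issue: 'not HTTPS', host: u.host });
    }
  }
  return findings;
}

// Constructed sample: trimmed copy of the config posted in this issue.
const sampleCfg = {
  lookupName: 'GreyNoise',
  lookupUrl: 'http://api.greynoise.io:8888/v1/query/ip',
  httpType: 'POST',
  httpPostData: 'ip=${PINCH.HOVERITEM}',
  dataSchema: {
    '0_GreyNoise.io': { linkUrl: 'https://www.google.com/search?q=${PINCH.HOVERITEM}' },
  },
};
// "example-extension-id" is a placeholder, not a real extension ID.
const sampleLink = 'chrome-extension://example-extension-id/src/options/wizard.html?RL=' +
  Buffer.from(JSON.stringify(sampleCfg)).toString('base64');

console.log(auditIntegration(decodeShareLink(sampleLink)));
```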