SpectraAnalyze-EnrichNetworkEntities
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This playbook will enrich a network entities (IP addresses, URLs, and domain names) with information from a Spectra Analyze appliance. A comment will be added to the incident with details about the entity.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | ReversingLabs |
| Source | View on GitHub |
Additional Documentation
Author: Aaron Hoffmann (ReversingLabs)
Summary
This playbook enriches network entities (IP addresses, URLs, and domains) with information from a ReversingLabs Spectra Analyze (formerly A1000) appliance.
Prerequisites
You'll need the following: * A ReversingLabs Spectra Analyze host URL * A ReversingLabs Spectra Analyze API token
Deployment instructions
- Deploy the playbook by clicking on "Deploy to Azure" button. This will take you to deploying an ARM Template wizard.
Post-deployment
After deploying the template, you'll want to update the playbook connections with your Spectra Analyze API token.
Screenshots
References
- ReversingLabs content pack installation guide
- Video - How to install and configure the ReversingLabs content pack
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊