SecurityTrails strives to make the biggest treasure-trove of cyber intelligence data readily available in an instant. We work relentlessly to empower experts so they can thwart future attacks with up-to-date data, proprietary tools, and custom solutions.
This Add-On provides a way to use Splunk Adaptive Response to automate lookups of a domain or IP address against the SecurityTrails API. The following API calls are currently supported:
- Get Domain Information
- List Subdomains
- List Tags
- WHOIS
- Historical DNS
- Historical WHOIS
- Domain Searcher (Searching Domains)
- IP Range Checker
This Add-On requires access to the SecurityTrails API and the Splunk Common Information Model App.
1.0.0 Initial release with API functionality
1.2.0 Added additional API functionality and fixed paging issues
Updates to the output to improve parsing and remediate multi-page output.