Add Threat IOC Feed - BlinkOps Documentation

Parameters
Example Output
Workflow Library Example

Add a new Threat IOC (Indicator of Compromise) feed to the system.

External DocumentationTo learn more, visit the Check Point Management documentation.

Parameters

Parameter	Description
Action	The action to take when the IOC is matched.
Feed URL	The URL of the Threat IOC feed to fetch.
Name	The name of the Threat IOC feed.

Example Output

{
	"uid": "f16bf59e-321d-422a-b9c4-99ae07a67804",
	"name": "example",
	"type": "threat-ioc-feed",
	"domain": {
		"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
		"name": "SMC User",
		"domain-type": "domain"
	},
	"v": "domain",
	"feed-type": "domain",
	"feed-url": "https://example.com/feed.xml",
	"use-gateway-proxy": true,
	"use-custom-feed-settings": false,
	"action": "Detect",
	"enabled": true,
	"custom-headers": [],
	"comments": "",
	"color": "black",
	"icon": "ThreatPrevention/FileGlobe",
	"tags": [],
	"meta-info": {
		"lock": "unlocked",
		"validation-state": "ok",
		"last-modify-time": {
			"posix": 1687872974793,
			"iso-8601": "2023-06-27T16:36+0300"
		},
		"last-modifier": "admin",
		"creation-time": {
			"posix": 1687872974793,
			"iso-8601": "2023-06-27T16:36+0300"
		},
		"creator": "admin"
	},
	"read-only": true,
	"available-actions": {}
}

Workflow Library Example

Add Threat Ioc Feed with Check Point Management and Send Results Via Email

Preview this Workflow on desktop

Add Access Rule Check Point Management Custom Action

⌘I

Integrations

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example