Skip to main content

Update Threat IOC Feed

Updates an existing Threat IOC (Indicator of Compromise) feed with new information.

Parameters

ParameterDescription
Action-
Feed URLThe URL of the IOC feed that will be fetched.
IOC FeedThe IOC to update. Select the feed's name or manually type its name/ID.
New NameThe new name of the IOC feed.

Example Output

{
"uid": "f16bf59e-321d-422a-b9c4-99ae07a67804",
"name": "example-updated",
"type": "threat-ioc-feed",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"v": "domain",
"feed-type": "domain",
"feed-url": "https://example.com/feed.xml",
"use-gateway-proxy": true,
"use-custom-feed-settings": false,
"action": "Prevent",
"enabled": true,
"custom-headers": [],
"comments": "",
"color": "black",
"icon": "ThreatPrevention/FileGlobe",
"tags": [],
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1687873017010,
"iso-8601": "2023-06-27T16:36+0300"
},
"last-modifier": "admin",
"creation-time": {
"posix": 1687872974795,
"iso-8601": "2023-06-27T16:36+0300"
},
"creator": "admin"
},
"read-only": true,
"available-actions": {}
}

Automation Library Example

Update Threat Ioc Feed with Check Point Management and Send Results Via Email

Automation LibraryPreview this Automation on desktop