Get Observable Details
Get the details of an observable object.
Required scopes: enrich/observables/deliberate:read
External Documentation
To learn more, visit the Cisco Talos documentation.
Parameters
| Parameter | Description |
|---|---|
| Object Type | The type of the observable to get details of. Can be retrieved from the 'Get Observable Type'. |
| Object Value | The value of the observable to get details of. (Could be an IP, domain, email, hash, etc..) |
Example Output
{
"data": [
{
"module": "Sample Module",
"module_instance_id": "da033b3c-81da-4118-b73a-f03feb3adecf",
"module_type_id": "c84f54db-c187-4cab-8751-2b39b007ee55",
"data": {
"verdicts": {
"count": 2,
"docs": [
{
"type": "verdict",
"disposition": 2,
"observable": {
"value": "https://ilo.brenz.pl/",
"type": "url"
},
"disposition_name": "Malicious",
"valid_time": {
"start_time": "2023-02-09T13:36:23.410Z",
"end_time": "2023-03-11T13:36:23.410Z"
}
},
{
"type": "verdict",
"disposition": 2,
"observable": {
"value": "http://ilo.brenz.pl/favicon.ico/",
"type": "url"
},
"disposition_name": "Malicious",
"valid_time": {
"start_time": "2023-02-09T13:36:23.420Z",
"end_time": "2023-03-11T13:36:23.420Z"
}
}
]
}
}
}
]
}
Workflow Library Example
Get Observable Details with Cisco Talos and Send Results Via Email
Preview this Workflow on desktop