Get Bulk IOCs In Bundle
Gets bundle of IOCs in STIX2 format.
External Documentation
To learn more, visit the Cybersixgill documentation.
Parameters
| Parameter | Description |
|---|---|
| Channel ID | The channel ID of IOCs. |
| Limit | Amount of IOCs to return. |
Example Output
{
"id": "bundle--b56c1e2e-a40c-44ca-83dd-09e25936d273",
"objects": [
{
"created": "2019-05-01T06:13:14.000Z",
"description": "this is the description'",
"id": "example--1",
"labels": [
"[\"aaa\",\"bbb\",\"ccc\"]"
],
"lang": "en",
"modified": "2019-05-08T03:43:44.000Z",
"sixgill_actor": "actor name",
"sixgill_confidance": 80,
"sixgill_feedid": "darkfeed_015",
"sixgill_feedname": "name of feed",
"sixgill_postid": "f1b1ddcc181313841edbee47cbc114ef6e82c81a",
"sixgill_posttitle": "post title",
"sixgill_source": "twitter",
"spec_version": "2.0",
"type": "example",
"valid_from": "2019-05-08T03:43:44.000Z",
"sixgill_severity": 80,
"pattern": "[ipv4-addr:value = '195.123.241.195']",
"external_reference": [
{
"description": "Mitre attack tactics and technique reference",
"mitre_attack_tactic": "Establish & Maintain Infrastructure",
"mitre_attack_tactic_id": "TA0022",
"mitre_attack_tactic_url": "https://attack.mitre.org/tactics/TA0022/",
"mitre_attack_technique": "Compromise 3rd party infrastructure to support delivery",
"mitre_attack_technique_id": "T1334",
"mitre_attack_technique_url": "https://attack.mitre.org/techniques/T1334/",
"source_name": "mitre-attack"
}
],
"additionalProp1": {}
}
],
"spec_version": "2.0",
"type": "bundle"
}
Workflow Library Example
Get Bulk Iocs in Bundle with Cybersixgill and Send Results Via Email
Preview this Workflow on desktop