Send Observable Analysis Request - Blink Documentation

Submit an observable for security analysis. Note: At least one of the following parameters is required:

Analyzers Requested
Connectors Requested

External DocumentationTo learn more, visit the Intel Owl documentation.

Basic Parameters

Parameter	Description
Analyzers Requested	A comma-separated list of specific analyzers to run. For the list of all observable analyzers, refer to Intel Owl API documentation. Important! Required if `Connectors Requested` parameter is not provided.
Connectors Requested	A comma-separated list of specific connectors to run. For the list of all connectors, refer to Intel Owl API documentation. Important! Required if `Analyzers Requested` parameter is not provided.
Observable Classification	The type of observable being analyzed.
Observable Name	The observable to analyze (IP address, domain, URL, file hash, etc.).
TLP	Traffic Light Protocol classification level to control information sharing.
Tags Labels	A comma-separated list of tag labels to assign to the analysis.

Advanced Parameters

Parameter	Description
Analyzers Runtime Configuration	A configuration object to override default analyzers configuration. For example: `{ “Doc_Info”: { “additional_passwords_to_check”: [“passwd”, “2020”] } }` For more information about the `Runtime Configuration`, refer to Intel Owl API documentation.

Example Output

{
	"job_id": 19,
	"analyzers_running": [],
	"connectors_running": [
		"AbuseSubmitter",
		"EmailSender"
	],
	"visualizers_running": [],
	"playbook_running": null,
	"investigation": null,
	"status": "accepted",
	"already_exists": false
}

Workflow Library Example

Send Observable Analysis Request with Intel Owl and Send Results Via Email

Preview this Workflow on desktop

Integrations

​Basic Parameters

​Advanced Parameters

​Example Output

​Workflow Library Example

Basic Parameters

Advanced Parameters

Example Output

Workflow Library Example