RecordedFutureDomainRiskList

Extracts the domain risk list from the recorded future and creates indicators accordingly.

Script Data


NameDescription
Script Typepython
TagsRecordedFuture

Inputs


Argument NameDescription
listSpecifies a domain list by a risk rule name. This can be retrieved with the get-domain-riskrules command.
thresholdThe minimum threshold score to consider indicators as malicious (65-99, greater than or equal to).
delete_existingWether to delete the existing recorded future's malicious domain indicators.

Outputs


PathDescriptionType
InfoFile.NameThe name of the file.string
InfoFile.EntryIDThe entry ID of the file.string
InfoFile.SizeThe size of the file.number
InfoFile.TypeThe type of teh file. For example, "PE".string
InfoFile.InfoThe basic information of the file.string
InfoFile.ExtensionThe extension of the file.string