Extracts the IP address risk list from the recorded future and creates indicators accordingly.
Script Data#
Name | Description |
---|
Script Type | python |
Tags | RecordedFuture |
Inputs#
Argument Name | Description |
---|
list | Specifies an IP address list by a risk rule name. This can be retrieved with the get-ip-riskrules command. |
threshold | The minimum threshold score to consider indicators as malicious (65-99, greater than or equal to). |
delete_existing | Whether to delete the existing recorded future malicious IP address indicators. |
Outputs#
Path | Description | Type |
---|
InfoFile.Name | The name of the file. | string |
InfoFile.EntryID | The entry ID of the file. | string |
InfoFile.Size | the size of the file. | number |
InfoFile.Type | The type of the file. For example, "PE". | string |
InfoFile.Info | The basic information of the file. | string |
InfoFile.Extension | The extension of the file. | string |