samples
turbot/flowpipe-samples/lookup-iocs
Get Involved
Version
Lookup IP In Different Tools
A composite Flowpipe mod that lookup an IP in VirusTotal, Urlscan and other tools.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run lookup_iocs.pipeline.lookup_ip \ --arg 'ip_address=<string>'Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = lookup_iocs.pipeline.lookup_ip args = { ip_address = <string> }}Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| abuseipdb_cred | string | Yes | Name for AbuseIPDB credentials to use. If not provided, the default credentials will be used. | default |
| ip2locationio_cred | string | Yes | Name for ip2location.io credentials to use. If not provided, the default credentials will be used. | default |
| urlscan_cred | string | Yes | Name for URLScan.io credentials to use. If not provided, the default credentials will be used. | default |
| ip_address | string | Yes | The IP address to be scanned. | - |
| max_age_in_days | number | No | Maximum age in days for the AbuseIPDB reports to retrieve. Defaults to 30 days. | 30 |
Outputs
| Name | Description |
|---|---|
| lookup_ip |