sample
turbot/flowpipe-samples/lookup-iocs
Get Involved
Version
Pipeline: Lookup IP In Different Tools
A composite Flowpipe mod that lookup an IP in VirusTotal, Urlscan and other tools.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run lookup_iocs.pipeline.lookup_ip \ --arg 'ip_address=<string>'Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = lookup_iocs.pipeline.lookup_ip args = { ip_address = <string> }}Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| abuseipdb_conn | connection.abuseipdb | Yes | Name of AbuseIPDB connection to use. If not provided, the default AbuseIPDB connection will be used. | connection.abuseipdb.default |
| ip2locationio_conn | connection.ip2locationio | Yes | Name of IP2Locationio connection to use. If not provided, the default IP2Locationio connection will be used. | connection.ip2locationio.default |
| urlscan_conn | connection.urlscan | Yes | Name of URL Scan connection to use. If not provided, the default URL Scan connection will be used. | connection.urlscan.default |
| ip_address | string | Yes | The IP address to be scanned. | - |
| max_age_in_days | number | No | Maximum age in days for the AbuseIPDB reports to retrieve. Defaults to 30 days. | 30 |
Outputs
| Name | Description |
|---|---|
| lookup_ip |