Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Sixgill Darkfeed app icon

Sixgill Darkfeed

Sixgill's premium underground intelligence collection capabilities, real-time collection, and advanced warning about IOCs help you keep your edge against unknown threats

Built by
soar product badge
Latest Version 1.0.1
September 17, 2021
Compatibility
Not Available
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating

0

(0)

Log in to rate this app
Support
Sixgill Darkfeed support icon
Not Supported
Ranking

#3

in SIEM
Sixgill's premium underground intelligence collection capabilities, real-time collection, and advanced warning about IOCs help you keep your edge against unknown threats

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity using supplied configuration
  • on poll: Scheduled/Automated ingestion of all the new Darkfeed IOCs detected since the last ingestion
  • enrich ip: Query the Sixgill Darkfeed for the specified IP and receive all the IOCs matching that IP
  • enrich url: Query the Sixgill Darkfeed for the specified URL and receive all the IOCs matching that URL
  • enrich domain: Query the Sixgill Darkfeed for the specified domain and receive all the IOCs matching that domain
  • enrich hash: Query the Sixgill Darkfeed for the specified hash and receive all the IOCs matching that hash
  • enrich post id: Query the Sixgill Darkfeed for the specified Sixgill Post ID (i.e. unique identifier of a specific post shared in the underground) and receive all the IOCs shared in that post
  • enrich threat actor: Query the Sixgill Darkfeed for the specified threat actor and receive all the IOCs shared by that threat actor

Categories

Created By

srv-stage-community

Source Code

GitHub(Opens new window)

Type

connector

Licensing

Apache License 2.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing