Welcome to the new Splunkbase! To return to the old Splunkbase, click here.

VxStream Sandbox

This App integrates VxStream Sandbox Service and provides actions like 'detonate_file', 'run_query', 'get_result' etc. Every action uses the 'api_key'.

Built by srv-stage-community

Latest Version 1.1.2

September 17, 2021

Compatibility

Not Available

Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9, 4.8, 4.7, 4.6, 4.5, 4.2, 4.1, 4.0, 3.5, 3.0

Rating

0

(0)

Support

Not Supported

Ranking

#1

in Sandbox

This App integrates VxStream Sandbox Service and provides actions like 'detonate_file', 'run_query', 'get_result' etc. Every action uses the 'api_key'.

Supported Actions

run query: Search for samples in VxStream Sandbox database using query string.
hunt similar: Search for similar samples by given Sha256 hash in the VxStream Sandbox database.
hunt ip: Search for a given IP in the VxStream Sandbox database.
hunt file: Search for a file by one kind of data(Sha1, Md5, Sha256 or Filename) in the VxStream Sandbox database.
hunt malware family: Search for a given malware family in the VxStream Sandbox database.
hunt domain: Search for a given domain in the VxStream Sandbox database.
hunt url: Search for a given URL in the VxStream Sandbox database.
get file from url: Download file from a url.
get pcap: Download the pcap file of sample from VxStream Sandbox and add it to vault.
get file: Download sample result data from VxStream Sandbox and add it to vault.
get report: Fetch results of an already completed analysis in the VxStream Sandbox.
check status: Check status of sample (file or URL) submitted in the VxStream Sandbox.
detonate url: Detonate a URL in the VxStream Sandbox.
detonate file: Detonate the file in the VxStream Sandbox.
test connectivity: Validate the asset configuration for connectivity.