Cofense Triage Deprecated

Deprecated. Use the Cofense Triage v2 integration instead.

Data Enrichment & Threat Intelligence · Cofense Triage

Configuration parameters

  • host — Server URL (e.g., https://192.168.0.1) (required)
  • user — User (required)
  • token — API Token (required)
  • isFetch — Fetch incidents
  • incidentType — Incident type
  • date_range — First fetch time (<number> <time unit>, e.g., 12 hours, 7 days, 3 months, 1 year)
  • category_id — Category ID to fetch - corresponds to the ranking that determines the Cofense Triage prioritization (1-5)
  • match_priority — Match Priority - the highest match priority based on rule hits for the report
  • tags — Tags - CSV list of tags of processed reports by which to filter
  • max_fetch — Maximum number of incidents to fetch each time
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (4)

  • cofense-get-attachment

    Retrieves an attachment by the attachment ID number.

  • cofense-get-report-by-id

    Retrieves a report by the report ID number.

  • cofense-get-reporter

    Retrieves Email address of the reporter by ID

  • cofense-search-reports

    Runs a query for reports.