NTT Cyber Threat Sensor

Retrieve alerts and recommendations from NTT CTS.

Network Security · NTT Cyber Threat Sensor

Configuration parameters

  • APIKEY — The API key for accessing CTS over AWS (required)
  • TENANT_ID — Tenant identification. UUID formatted string (required)
  • DAYS_BACK — Days to fetch for the first time this application runs (required)
  • ITEMS_TO_FETCH — Number of items to fetch each iteration (1 to 100) (required)
  • SOARTOKEN — The unique key for accessing the alerts and active response recommendations (required)
  • isFetch — Fetch incidents
  • incidentType — Incident type
  • BASEURL — The base URL for the backend to consume from (required)
  • insecure — Trust any certificate (not secure)

Commands (2)

  • ntt-cyber-threat-sensor-fetch-blobs

    Collecting blobs, most commonly pcap from an incident

  • ntt-cyber-threat-sensor-poll-blobs

    Check if blobs is available