CyrenThreatInDepthRelatedWidgetQuick
Shows limited feed relationship data in a table with the ability to navigate
Source
import json import demistomock as demisto from CommonServerPython import * from CommonServerUserPython import * def cyren_feed_relationship(args) -> CommandResults: indicator = args.get("indicator") if not indicator: raise ValueError("Please provide 'indicator' argument!") result = demisto.executeCommand( "CyrenThreatInDepthRenderRelated", {"indicator": json.dumps(indicator), "columns": "Indicator Type,Value"} ) if is_error(result[0]): raise ValueError(f"Failed to render related: {get_error(result)!s}") readable = result[0]["HumanReadable"] return CommandResults(readable_output=readable) def main(args): try: return_results(cyren_feed_relationship(args)) except Exception as e: return_error(f"Failed to execute CyrenThreatInDepthRelatedWidgetQuick. Error: {e!s}") if __name__ in ("__main__", "__builtin__", "builtins"): main(demisto.args())
README
Widget script to view limited information about the relationship information the Cyren Threat InDepth
feeds offer. For instance, you can see and navigate to a SHA256 that was hosted by a malicious URL.
The script can be used similar to the Feed Related Indicators.
This script uses the script CyrenThreatInDepthRenderRelated using the following columns:
- Indicator Type
- Value (hyperlinked if possible)
Script Data
| Name | Description |
|---|---|
| Script Type | python3 |
| Tags | dynamic-indicator-section |
| XSOAR Version | 6.0.0 |
Inputs
There are no inputs for this script.
Outputs
There are no outputs for this script.
Human Readable Output
| Indicator Type | Value |
|---|---|
| IP | 172.217.6.65 |
| SHA-256 | 6ea626950a759c259a182b628f79816843af379af87dbbe13923bf72d6047770 |