Mnemonic

Publisher: Splunk
Connector Version: 2.0.6
Product Vendor: Mnemonic
Product Name: Passive DNS
Product Version Supported (regex): ".*"
Minimum Product Version: 5.1.0

This app integrates with the Mnemonic Passive DNS API to implement investigative actions

Configuration Variables

The below configuration variables are required for this Connector to operate. These variables are specified when configuring a Passive DNS asset in SOAR.

VARIABLE	REQUIRED	TYPE	DESCRIPTION
domain	optional	string	Domain to check connectivity (Default: phantom.us)

Supported Actions

test connectivity - Validate the asset configuration for connectivity using supplied configuration
lookup domain - Check for the presence of a domain in a threat intelligence feed

action: 'test connectivity'

Validate the asset configuration for connectivity using supplied configuration

Type: test
Read only: True

Action Parameters

No parameters are required for this action

Action Output

No Output

action: 'lookup domain'

Check for the presence of a domain in a threat intelligence feed

Type: investigate
Read only: True

Action Parameters

PARAMETER	REQUIRED	DESCRIPTION	TYPE	CONTAINS
domain	required	Domain to lookup	string	`domain` `url`
range	optional	Range (min_offset-max_offset), default is 0-100	string

Action Output

DATA PATH	TYPE	CONTAINS
action_result.status	string
action_result.parameter.domain	string	`domain` `url`
action_result.parameter.range	string
action_result.data.*.answer	string	`ip`
action_result.data.*.createdTimestamp	numeric
action_result.data.*.customer	string
action_result.data.*.firstSeenTimestamp	numeric
action_result.data.*.firstSeenTimestampString	string
action_result.data.*.lastSeenTimestamp	numeric
action_result.data.*.lastSeenTimestampString	string
action_result.data.*.lastUpdatedTimestamp	numeric
action_result.data.*.maxTtl	numeric
action_result.data.*.minTtl	numeric
action_result.data.*.query	string
action_result.data.*.rrclass	string
action_result.data.*.rrtype	string
action_result.data.*.times	numeric
action_result.data.*.tlp	string
action_result.summary.items_returned	numeric
action_result.summary.total_items	numeric
action_result.message	string
summary.total_objects	numeric
summary.total_objects_successful	numeric

Name		Name	Last commit message	Last commit date
Latest commit History 89 Commits
.github/workflows		.github/workflows
release_notes		release_notes
wheels		wheels
.pre-commit-config.yaml		.pre-commit-config.yaml
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
NOTICE		NOTICE
README.md		README.md
__init__.py		__init__.py
display_lookup_domain.html		display_lookup_domain.html
exclude_files.txt		exclude_files.txt
logo_mnemonic.svg		logo_mnemonic.svg
logo_mnemonic_dark.svg		logo_mnemonic_dark.svg
mnemonic.json		mnemonic.json
mnemonic_connector.py		mnemonic_connector.py
mnemonic_consts.py		mnemonic_consts.py
mnemonic_view.py		mnemonic_view.py
requirements.txt		requirements.txt
tox.ini		tox.ini

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Mnemonic

Configuration Variables

Supported Actions

action: 'test connectivity'

Action Parameters

Action Output

action: 'lookup domain'

Action Parameters

Action Output

About

Releases

Packages

Languages

License

mnemonic-no/splunk-soar-mnemonic

Folders and files

Latest commit

History

Repository files navigation

Mnemonic

Configuration Variables

Supported Actions

action: 'test connectivity'

Action Parameters

Action Output

action: 'lookup domain'

Action Parameters

Action Output

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages