Enricher - CentralOps Domain Dossier#
Note
This article describes how to configure a particular enrichment source. To see how to configure enrichers in general, see Configure enrichers.
Specifications |
|
|---|---|
Enricher name |
CentralOps Domain Dossier |
Input |
Domain. |
Output |
Details on geolocation, ASN, registrar, whois and DNS records, open ports and protocols (when available). |
API endpoint |
|
Description |
The CentralOps Domain Dossier enricher augments input observables with a wide range of contextual information such as geolocation, ASN, whois, registrar, domain name, file hash, and so on. |
Note
The default Source reliability value for this enricher is C – Fairly reliable.
You can change it to a different reliability value, as needed.
Requirements#
Users need a Username and Password. Sign up and subscribe to the service to obtain the required credentials.
Configure the enricher parameters#
Edit the enricher.
From the Observable types drop-down menu, select one or more observable types you want to enrich with data retrieved through the CentralOps Domain Dossier enricher.
The API URL field is automatically filled in with the default domain for the endpoint.
You can add a proxy or set up ports according to your needs.
Default value:https://hexillion.com/rf/xml/1.0/.In the Username field, enter your user name. Sign up and subscribe to the service to obtain the required authorization user name and password credentials to access the API endpoint exposing the service, and then enter your user name in this field.
In the Password field, enter the password you received after signing up for a user account at Hexillion.
To store your changes, click Save; to discard them, click Cancel.