Enricher - GreyNoise API
This article describes the specific configuration options to set up the enricher.
To configure the general options for the enricher, see Configure the general options.
|
|
Specification |
|
Enricher name |
GreyNoise |
|
Input |
Ipv4. |
|
Output |
Observables and entities surrounding the enriched IP observables. |
|
API endpoint |
https://enterprise.api.greynoise.io |
|
Description |
The GreyNoise extension enriches IPv4 observables on the EclecticIQ Platform, providing historical context surrounding the IP to help enable the intelligence analyst in their workflow |
Requirements
Users need an API key for their own configuration. Sign up and subscribe to the service to obtain the required API key credentials to access the API endpoint exposing the service.
Configure the enricher parameters
Edit the enricher.
In the Observable types field, select one or more observable types you want to enrich with data retrieved through the GreyNoise enricher.
The API URL field is automatically filled in with the default domain for the endpoint.
You can add a proxy or set up ports according to your needs.
Default value: https://enterprise.api.greynoise.io.In the API key field, enter the API key associated with your API user profile, so that you can log in and consume the API service.
The SSL verification checkbox is automatically selected.
To store your changes, click Save; to discard them, click Cancel.