Enricher - PyDat
This article describes the specific configuration options to set up the enricher.
To configure the general options for the enricher, see Configure the general options.
|
|
Specifications |
|
Enricher name |
PyDat |
|
Input |
Domain and IP addresses (ipv4 and ipv6). |
|
Output |
Enriches supported observable types with whois data, current IP resolution and passive DNS information. |
|
API endpoint |
http://${pydat_instance_url}:8000/{Input} |
|
Description |
The PyDat enricher provides whois, including historical whois, and passive DNS lookup information. |
Requirements
Users need to install and set up PyDat locally. The product does not work outside a local network.
Before accessing PyDat features through the API endpoint, you need to configure the host.
For more information, see: Mitre blog on PyDat and PyDat GitHub repo.
Configure the enricher parameters
Edit the enricher.
In the API URL field, enter the URL allowing access to the local PyDat instance.
Example: http://${pydat_instance_url}:8000/.To store your changes, click Save; to discard them, click Cancel.