AlienVault TI SOAR Integration¶
This document details the tools provided by the AlienVault TI SOAR integration.
Tools¶
alien_vault_ti_ping¶
Test Connectivity
Parameters:
case_id(str, required): The ID of the case.alert_group_identifiers(List[str], required): Identifiers for the alert groups.target_entities(List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.scope(str, optional, default=“All entities”): Defines the scope for the action.
alien_vault_ti_enriches_entities¶
Enrich external IPs, hosts, URLs, and hashes with information from AlienVault Threat Intelligence (TI)
Parameters:
case_id(str, required): The ID of the case.alert_group_identifiers(List[str], required): Identifiers for the alert groups.target_entities(List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.scope(str, optional, default=“All entities”): Defines the scope for the action.