/
Data Profiles
Data Profiles
- Gary Leicht
Owned by Gary Leicht
Threat data consists of file level fields and record-level fields. The table below contains descriptions of all available fields.
Data Profiles | |
|---|---|
FIELD NAME | DESCRIPTION |
File-level fields | |
profile | data profile id or name |
record_type | host, ip, or url |
external_id | string indicating an external ID to assign to the batch |
record | surrounds the individual record(s) in the XML and JSON formats |
Record-level fields | |
host | threat hostname |
ip | threat IP address |
url | threat URL |
property | threat type |
target | target of threat |
detected | date/time threat was detected, in ISO 8601 format |
duration | duration of this threat in XyXmXwXdXh format, expiration date will be set to the detected date + this duration |
XML format:
<feed>
<profile>SampleProfile</profile>
<record_type>ip</record_type>
<record>
<ip>127.1.0.1</ip>
<property>Phishing_Phish</property>
<detected>20170602T154742Z</detected>
</record>
<record>
<ip>8.8.8.8</ip>
<property>Scanner_Generic</property>
<detected>19980927T154242Z</detected>
<duration>1y0m0w0d42h</duration>
</record>
</feed> |
JSON format:
{
"feed": {
"profile": "SampleProfile",
"record_type": "host",
"record": [
{"host": "www.example.com", "property": "Scanner_Generic", "detected": "19980927T154242Z", "duration": "1y0m0w0d42h"},
{"host": "www.example.com", "property": "Phishing_Phish", "detected": "20170602T154742Z"} ]
}
} |
CSV format:
record_type,url,profile,detected,property
url,"https://example.com/page1.html",
"SampleProfile","20170602T154742Z",
"UnwantedContent_Parasite"
url,"http://example.com/gift.html", "SampleProfile","20170602T154742Z",
"Scam_FakeGiftCard" |