Updated 1 year ago by TruSTAR

This document explains how to set up the AbuseIPDB premium intelligence source in the TruSTAR platform.

AbuseIPDB is a project designed to help combat the spread of hackers, spammers, and abusive activity on the internet by providing a central blacklist for IP addresses that have been associated with malicious activity online.

The integration with TruSTAR enables you to to view AbuseIPDB IP addresses as TruSTAR Reports.

  • Source Type: Premium Intel
  • Update Type: Query-based
  • Time to install: 10 minutes

Observables Supported

  • IP addresses


  • A freemium or paid subscription to AbuseIPDB
TruSTAR Admin rights are required to activate this Premium Intelligence feed.

Getting Started

  1. Log into the TruSTAR Web App.
  2. Click the Marketplace icon on the left side Navigation Bar.
  3. Choose Premium Intel.
  4. Click Subscribe on the Abuse IPDB box.
  5. Enter your Abuse IPDB API key and click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

Known Issues

No reported issues.

Please contact support@trustar.co if you have issues with this integration.

How Did We Do?