Fetch Trending Indicators

Updated 1 week ago by Elvis Hovor

Description

In the TruSTAR App for Demisto, this command returns the ten Indicators that have most recently appeared in TruSTAR Community Intel Reports. This is the same list you would see in the Community Trends section of the dashboard on the TruSTAR Web App.

Format

trustar-trending-indicators

Example

!trustar-trending-indicators indicator_type=MALWARE days_back=5

Inputs

Argument

Description

Required

indicator_type

The types of indicators to be returned. If other, then all supported indicators except for CVE and MALWARE will be returned.

No

days_back

The number of days back to count correlations for. Legal value is an integer between 1 and 30.

The default value is 30.

No

Outputs

Path

Type

Description

TruSTAR.Indicators.correlationCount

Number

Indicator correlation count

TruSTAR.Indicators.indicatorType

string

Indicator type

TruSTAR.Indicators.value

string

Indicator value

File.Name

string

The full file name

<Indicator>

string

Supported Indicators

DBotScore.Indicator

string

The indicator we tested

DBotScore.Type

string

The type of the indicator

DBotScore.Vendor

string

Vendor used to calculate the score

DBotScore.Score

number

The actual score


How Did We Do?