This document explains how to set up and use Farsight Security with TruSTAR Station.
- Time to Install: 10 minutes
- Feed Type: Closed <requires <<intel feed name>> subscription>
- Update Mechanism: Query-based
- Update Frequency: 15 minutes
- API Timeout: <interval>
This integration queries Farsight's DNSDB and returns Passive DNS results for associated indicators.
- A subscription to Farsight Security DNSDB.
- A Farsight Security DNSDB API key.
- Log into TruSTAR Station.
- Click the Marketplace icon on the left side icon list.
- Click Closed Sources.
- Click Subscribe on the Farsight Security box.
- Enter your Farsight Security API key and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
Q: What data is pulled from Farsight DNSDB?
A. The integration pulls reports from Farsight that have cyber IOC’s. These include:
- URL (Domains are extracted from URL)
Contact TruSTAR to discuss additional indicators that can be queried from Farsight DNSDB.
No reported issues.