analyzer: onyphe
query: ...
api_key: ...
Name | Type | Required? | Default | Desc. |
---|---|---|---|---|
query | String | Yes | Search query | |
api_key | String | No | ENV[”ONYPHE_API_KEY”] | API key |
The analyzer uses ONYPHE API v2 and /api/v2/simple/datascan
API endpoint to search.
IP addresses matched with a query are treated as artifacts.
This rule outputs the following type of artifacts.
Mihari loads your API key via environment variable ONYPHE_API_KEY
by default.