analyzer: pulsedive
query: ...
api_key: ...
| Name | Type | Required? | Default | Desc. |
|---|---|---|---|---|
| query | String | Yes | Domain or IP address | |
| api_key | String | No | ENV[ā€¯PULSEDIVE_API_KEY"] | API key |
The analyzer uses Pulsedive API and /api/info.php APII endpoint to search.
Passive DNS data (IP addresses / domains) matched with a query are treated as artifacts.
This rule outputs the following types of artifacts.
Mihari loads your Pulsedive API key via environment variable PULSEDIVE_API_KEY by default.