SecurityTrails Blog · Feb 06 · SecurityTrails team

SecurityTrails Add-On for Splunk

A few days ago we wrote a post showing how fast and easy it is to interact with our cool API to retrieve domains, IP addresses, and Whois information. Today, we have some exciting news: the release of an open source SecurityTrails Splunk Add-On.

In case you don't know Splunk, it is the definitive solution for companies and entrepreneurs who need to analyze and monitor the big machine data generated by applications, systems, and infrastructure.

Written by our great friend, the skilled Mickey Perre, this Splunk Add-On lets you work with Splunk Adaptive Response to launch fast, automated DNS lookups for your domains or IP addresses by interacting with the SecurityTrails API.

Supported API calls

These are the supported API calls that you can use with the SecurityTrails Splunk Add-On:

  • Get Domain Information
  • List Subdomains
  • List Tags
  • Current WHOIS information
  • Historical DNS
  • Historical WHOIS
  • Domain Searcher (Searching Domains)
  • IP Range Checker

[Image: API calls]

We also offer an easy interface to configure all the details you need while interacting with our API:

[Image: Interface]

The results of the API call are returned in a JSON-like format, which is also available as raw text:

[Image: Result]

Are you ready to get started with the SecurityTrails Splunk Add-On? Check out our installation guide and full documentation on GitHub. Also remember that any feedback is greatly appreciated!

SecurityTrails is the biggest effort in cyber intelligence data, and now, with our awesome API integrated with analysis software as great as Splunk, you can get instant, valuable information that will help you prevent future attacks on your company's web infrastructure, domains and DNS.

And if you are not using Splunk, remember that you can still use our awesome API to integrate your application with our big intelligent database. Contact us to request access today.