interface CortexNodeParameters {
additionalFields?: {
force?: boolean;
timeout?: number;
};
analyzer?: string;
binaryPropertyName?: string;
entityType?: string;
jobId?: string;
jsonObject?: boolean;
objectData?: string;
observableType?: string;
observableValue?: string;
operation?: "get"
| "execute"
| "report";
parameters?:
| {
values: {
description?: string;
flag?: boolean;
owner?: string;
severity?: 1
| 3
| 2;
startDate?: string;
tags?: string;
title?: string;
tlp?: 0 | 1 | 3 | 2;
};
}
| {
values: {
artifacts?: {
artifactValues: {
binaryProperty?: string;
data?: string;
dataType?: | "other"
| "url"
| "file"
| "domain"
| "filename"
| "fqdn"
| "hash"
| "ip"
| "mail"
| "mail_subject"
| "regexp"
| "registry"
| "uri_path"
| "user-agent";
message?: string;
tags?: string;
}[];
};
date?: string;
description?: string;
follow?: boolean;
severity?: 1
| 3
| 2;
source?: string;
sourceRef?: string;
status?: "New" | "Updated" | "Ignored" | "Imported";
tags?: string;
title?: string;
tlp?: 0 | 1 | 3 | 2;
type?: string;
};
}
| {
values: {
binaryPropertyName?: string;
data?: string;
dataType?: | "other"
| "url"
| "file"
| "domain"
| "filename"
| "fqdn"
| "hash"
| "ip"
| "mail"
| "mail_subject"
| "regexp"
| "registry"
| "uri_path"
| "user-agent";
ioc?: boolean;
message?: string;
startDate?: string;
status?: "Ok"
| "Deleted";
tlp?: 0 | 1 | 3 | 2;
};
}
| {
values: {
flag?: boolean;
status?: | "Completed"
| "Waiting"
| "InProgress"
| "Cancel";
title?: string;
};
}
| {
values: {
message?: string;
startDate?: string;
status: "Ok"
| "Deleted";
};
};
resource?: "analyzer"
| "job"
| "responder";
responder?: string;
tlp?: 0 | 1 | 3 | 2;
}Properties§
Source§readonly analyzer?: string
readonly analyzer?: string
Choose the analyzer. Choose from the list, or specify an ID using an expression. Type options: {"loadOptionsMethod":"loadActiveAnalyzers"}
Source§readonly entity
readonly entity
Choose the Data type. Choose from the list, or specify an ID using an expression. Type options: {"loadOptionsMethod":"loadDataTypeOptions","loadOptionsDependsOn":["responder"]}
Source§readonly observable
readonly observable
Choose the observable type. Choose from the list, or specify an ID using an expression. Type options: {"loadOptionsMethod":"loadObservableOptions","loadOptionsDependsOn":["analyzer"]}
Source§readonly parameters?:
| {
values: {
description?: string;
flag?: boolean;
owner?: string;
severity?: 1
| 3
| 2;
startDate?: string;
tags?: string;
title?: string;
tlp?: 0 | 1 | 3 | 2;
};
}
| {
values: {
artifacts?: {
artifactValues: {
binaryProperty?: string;
data?: string;
dataType?: | "other"
| "url"
| "file"
| "domain"
| "filename"
| "fqdn"
| "hash"
| "ip"
| "mail"
| "mail_subject"
| "regexp"
| "registry"
| "uri_path"
| "user-agent";
message?: string;
tags?: string;
}[];
};
date?: string;
description?: string;
follow?: boolean;
severity?: 1
| 3
| 2;
source?: string;
sourceRef?: string;
status?: "New" | "Updated" | "Ignored" | "Imported";
tags?: string;
title?: string;
tlp?: 0 | 1 | 3 | 2;
type?: string;
};
}
| {
values: {
binaryPropertyName?: string;
data?: string;
dataType?: | "other"
| "url"
| "file"
| "domain"
| "filename"
| "fqdn"
| "hash"
| "ip"
| "mail"
| "mail_subject"
| "regexp"
| "registry"
| "uri_path"
| "user-agent";
ioc?: boolean;
message?: string;
startDate?: string;
status?: "Ok"
| "Deleted";
tlp?: 0 | 1 | 3 | 2;
};
}
| {
values: {
flag?: boolean;
status?: | "Completed"
| "Waiting"
| "InProgress"
| "Cancel";
title?: string;
};
}
| {
values: {
message?: string;
startDate?: string;
status: "Ok"
| "Deleted";
};
}
readonly parameters?:
| {
values: {
description?: string;
flag?: boolean;
owner?: string;
severity?: 1
| 3
| 2;
startDate?: string;
tags?: string;
title?: string;
tlp?: 0 | 1 | 3 | 2;
};
}
| {
values: {
artifacts?: {
artifactValues: {
binaryProperty?: string;
data?: string;
dataType?: | "other"
| "url"
| "file"
| "domain"
| "filename"
| "fqdn"
| "hash"
| "ip"
| "mail"
| "mail_subject"
| "regexp"
| "registry"
| "uri_path"
| "user-agent";
message?: string;
tags?: string;
}[];
};
date?: string;
description?: string;
follow?: boolean;
severity?: 1
| 3
| 2;
source?: string;
sourceRef?: string;
status?: "New" | "Updated" | "Ignored" | "Imported";
tags?: string;
title?: string;
tlp?: 0 | 1 | 3 | 2;
type?: string;
};
}
| {
values: {
binaryPropertyName?: string;
data?: string;
dataType?: | "other"
| "url"
| "file"
| "domain"
| "filename"
| "fqdn"
| "hash"
| "ip"
| "mail"
| "mail_subject"
| "regexp"
| "registry"
| "uri_path"
| "user-agent";
ioc?: boolean;
message?: string;
startDate?: string;
status?: "Ok"
| "Deleted";
tlp?: 0 | 1 | 3 | 2;
};
}
| {
values: {
flag?: boolean;
status?: | "Completed"
| "Waiting"
| "InProgress"
| "Cancel";
title?: string;
};
}
| {
values: {
message?: string;
startDate?: string;
status: "Ok"
| "Deleted";
};
}
Default: {} Type options: {"loadOptionsDependsOn":["entityType"]}
Source§readonly responder?: string
readonly responder?: string
Choose the responder. Choose from the list, or specify an ID using an expression. Type options: {"loadOptionsMethod":"loadActiveResponders"}
Default: {}