Rapid7 · Example Payload
Rapid7 Replaceindicators Example
SecurityVulnerability ManagementSIEMXDRCloud SecuritySOARApplication Security
Rapid7 Replaceindicators Example is an example object payload from Rapid7, with 6 top-level fields. It illustrates the shape of data this provider's APIs accept or return.
Top-level fields
operationIdmethodpathsummaryrequestExamplesresponseExamples
Example Payload
{
"operationId": "replaceIndicators",
"method": "POST",
"path": "/idr/v1/customthreats/key/{key}/indicators/replace",
"summary": "Replace indicators for a Community Threat",
"requestExamples": [
{
"contentType": "application/json",
"example": {
"ips": [
"192.168.0.1"
],
"hashes": [
"b95663ec7339033cf1fde459a34b6606"
],
"domain_names": [
"rapid7.com"
],
"urls": [
"http://example.com"
]
}
},
{
"contentType": "text/csv",
"example": "192.168.0.1,b95663ec7339033cf1fde459a34b6606,rapid7.com,http://example.com"
},
{
"contentType": "text/xml",
"example": "\n<stix:STIX_Package xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:stix=\"http://stix.mitre.org/stix-1\"\n xmlns:indicator=\"http://stix.mitre.org/Indicator-2\"\n xmlns:cybox=\"http://cybox.mitre.org/cybox-2\"\n xmlns:DomainNameObj=\"http://cybox.mitre.org/objects#DomainNameObject-1\"\n xmlns:cyboxVocabs=\"http://cybox.mitre.org/default_vocabularies-2\"\n xmlns:stixVocabs=\"http://stix.mitre.org/default_vocabularies-1\"\n xmlns:example=\"http://example.com/\"\n xsi:schemaLocation=\n \"http://stix.mitre.org/stix-1 ../stix_core.xsd\n http://stix.mitre.org/Indicator-2 ../indicator.xsd\n http://cybox.mitre.org/default_vocabularies-2 ../cybox/cybox_default_vocabularies.xsd\n http://stix.mitre.org/default_vocabularies-1 ../stix_default_vocabularies.xsd\n http://cybox.mitre.org/objects#DomainNameObject-1 ../cybox/objects/Domain_Name_Object.xsd\"\n id=\"example:STIXPackage-f61cd874-494d-4194-a3e6-6b487dbb6d6e\"\n timestamp=\"2014-05-08T09:00:00.000000Z\"\n version=\"1.1.1\">\n <stix:STIX_Header>\n <stix:Title>Example watchlist that contains domain information.</stix:Title>\n <stix:Package_Intent xsi:type=\"stixVocabs:PackageIntentVocab-1.0\">Indicators - Watchlist</stix:Package_Intent>\n </stix:STIX_Header>\n <stix:Indicators>\n <stix:Indicator xsi:type=\"indicator:IndicatorType\" id=\"example:Indicator-2e20c5b2-56fa-46cd-9662-8f199c69d2c9\" timestamp=\"2014-05-08T09:00:00.000000Z\">\n <indicator:Type xsi:type=\"stixVocabs:IndicatorTypeVocab-1.1\">Domain Watchlist</indicator:Type>\n <indicator:Description>Sample domain Indicator for this watchlist</indicator:Description>\n <indicator:Observable id=\"example:Observable-87c9a5bb-d005-4b3e-8081-99f720fad62b\">\n <cybox:Object id=\"example:Object-12c760ba-cd2c-4f5d-a37d-18212eac7928\">\n <cybox:Properties xsi:type=\"DomainNameObj:DomainNameObjectType\" type=\"FQDN\">\n <DomainNameObj:Value condition=\"Equals\" apply_condition=\"ANY\">malicious1.example.com##comma##malicious2.example.com##comma##malicious3.example.com</DomainNameObj:Value>\n </cybox:Properties>\n </cybox:Object>\n </indicator:Observable>\n <indicator:Observable id=\"NCCIC:Observable-fb5606ea-23f0-472d-babf-8b7e89571881\">\n <cybox:Object id=\"NCCIC:Object-a105a51a-c324-11e7-b25d-64006a91c899\">\n <cybox:Properties xsi:type=\"AddressObj:AddressObjectType\" category=\"ipv4-addr\" is_spoofed=\"false\">\n <AddressObj:Address_Value condition=\"Equals\">185.134.98.141</AddressObj:Address_Value>\n </cybox:Properties>\n </cybox:Object>\n </indicator:Observable>\n </stix:Indicator>\n </stix:Indicators>\n</stix:STIX_Package>"
}
],
"responseExamples": []
}