VirusTotal · JSON Structure

Virustotal Ioc Stream Notification Object Structure

A notification produced by Livehunt, Retrohunt, or other IoC feed subscriptions.

Type: object Properties: 5 Required: 3
Anti-MalwareThreat IntelligenceSecurityFile AnalysisURL AnalysisYARAIoCSandboxMITRE ATT&CKGoogle Cloud

IocStreamNotificationObject is a JSON Structure definition published by VirusTotal, describing 5 properties, of which 3 are required. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

id type links attributes relationships

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/virustotal/refs/heads/main/json-structure/virustotal-ioc-stream-notification-object-structure.json",
  "name": "IocStreamNotificationObject",
  "description": "A notification produced by Livehunt, Retrohunt, or other IoC feed subscriptions.",
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "description": "Object identifier."
    },
    "type": {
      "type": "string",
      "description": "Object type discriminator."
    },
    "links": {
      "type": "object",
      "description": "Hypermedia links.",
      "properties": {
        "self": {
          "type": "uri"
        }
      }
    },
    "attributes": {
      "type": "object",
      "description": "Type-specific attributes for IocStreamNotificationObject.",
      "properties": {
        "notification_date": {
          "type": "int32"
        },
        "notification_tags": {
          "type": "array",
          "items": {
            "type": "string"
          }
        },
        "notification_source": {
          "type": "string",
          "enum": [
            "livehunt",
            "retrohunt",
            "intel_feed",
            "subscription"
          ]
        },
        "notification_id": {
          "type": "string"
        },
        "source_id": {
          "type": "string"
        },
        "source_type": {
          "type": "string"
        },
        "source_key": {
          "type": "string"
        },
        "match": {
          "type": "object",
          "description": "Details of the matched rule / object.",
          "additionalProperties": true
        }
      }
    },
    "relationships": {
      "type": "object",
      "description": "Pre-expanded relationships, keyed by relationship name.",
      "additionalProperties": true
    }
  },
  "required": [
    "id",
    "type",
    "attributes"
  ]
}