Maxmind

Cyware Orchestrate

Maxmind

App Vendor: MaxMind GeoIP

Connector Category: Data Enrichment & Threat Intelligence | Network Security

Connector Version: 1.1.0

API Version: 2.1.0

About App

The MaxMind GeoIP app allows security teams to integrate with the MaxMind GeoIP enterprise application. The app helps Analysts to identify the location of IPs from where the attacks have originated. Location details of the IP such as Country/City can be identified to gain insights on the attack.

The MaxMind GeoIP app in the Orchestrate application can perform the below-listed actions:

Action Name	Description
Get insight associated with an IP	This action obtains insights associated with a given IP.
Get city associated with an IP	This action retrieves details of the city associated with a given IP.
Get country associated with an IP	This action retrieves details of the country associated with a given IP.

Configuration Parameters

The following configuration parameters are required for the MaxMind GeoIP app to communicate with the MaxMind GeoIP enterprise application. The parameters can be configured by creating instances in the app.

Parameter	Description	Field Type	Required/Optional	Comments
User ID	Enter the User ID or the Account ID. Example: "474221"	Text	Required
License Key	Enter the MaxMind GeoIP License key for authorization.	Password	Required

Parameter

Description

Field Type

Required/Optional

Comments

User ID

Enter the User ID or the Account ID.

Example:

"474221"

Text

Required

License Key

Enter the MaxMind GeoIP License key for authorization.

Password

Required

Action: Get insight associated with an IP

This action obtains insights associated with a given IP.

Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
IP address	Enter the IP address. Example: "1.1.1.1"	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

IP address

Enter the IP address.

Example:

"1.1.1.1"

Text

Required

Example Request

[
  {
    "ip": "1.1.1.1"
  }
]

Action: Get city associated with an IP

This action retrieves details of the city associated with a given IP.

Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
IP address	Enter the IP address. Example: "1.1.1.1"	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

IP address

Enter the IP address.

Example:

"1.1.1.1"

Text

Required

Example Request

[
  {
    "ip": "1.1.1.1"
  }
]

Action: Get country associated with an IP

This action retrieves details of the country associated with a given IP.

Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
IP address	Enter the IP address. Example: "1.1.1.1"	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

IP address

Enter the IP address.

Example:

"1.1.1.1"

Text

Required

Example Request

[
  {
    "ip": "1.1.1.1"
  }
]

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.

Cyware Orchestrate

Maxmind

About App

Configuration Parameters

Action: Get insight associated with an IP

Input Parameters

Example Request

Action: Get city associated with an IP

Input Parameters

Example Request

Action: Get country associated with an IP

Input Parameters

Example Request

Search results