Cyware Utility
App Vendor: Cyware
Connector Category: Cyware Product
Connector Version: 1.9.7
About App
The Cyware Utility app provides helpful actions to automate small tasks required by security analysts. The Cyware Utility app in the Orchestrate application can perform the following actions:
Action Name | Description |
|---|---|
Convert CSV to JSON | This action converts a CSV file content into JSON format. |
Create CSV File | This action creates a CSV file using the provided content and schema. |
Encode File Content as Base64 | This action encodes the content as Base64 from the local file. |
Read Content from Files | This action reads the content from the local file. |
Parse URL | This action parses the URLs into their components. |
Fang Indicator | This action is used to fang an indicator from the defang indicator value. |
Defang Indicator | This action is used to defang an indicator from the fang indicator value. |
Decode URL | This action decodes the encoded URL. |
Write File | This action writes a file from the content and returns the local file path. |
Whois Hostname Lookup | This action can be used to perform a Whois hostname lookup. |
Reverse DNS Lookup | This action performs a reverse DNS lookup. |
Comma Separated String of All the Keys | This action returns a comma-separated string of all the keys. |
Return the Length of Content | This action returns the length of the content. |
Return an Input | This action returns input as an output. |
Resolve Shortened URL | This action resolves unshortened URLs in the Cyware Utility app. |
Check URL Redirection | This action checks URL redirection. |
Check Network Status (Deprecated) | This action checks if the network is online or offline. |
Get Alias from Domain | This action retrieves an alias from a domain. |
Download Remote File | This action downloads a remote file using a URL and returns the local file path. |
Get IP Address from Domain | This action retrieves an IP address from a domain. |
Get a List of IP Addresses from Domain | This action retrieves a list of IP addresses from a domain. |
Get Host from IP Address | This action retrieves the host from the IP address. |
Convert Datetime String to Epoch | This action converts the datetime string to epoch. |
Download Large File | This action downloads a large file. |
Check If a Key Exists in a Dictionary | This action checks if a key exists in a dictionary. |
Check If Length is Zero | This action checks if the length of content is zero. If it is zero (empty), then false is returned. |
Convert XML Content to JSON | This action converts XML Content to JSON. |
Decoding Content in Base64 | This action decodes content with or without bytes in base64. |
Encoding Content in Base64 | This action encodes the content in base64 with utf-8 string and with or without bytes. |
Extract URL | This action extracts all URLs from the content. |
Extract IOCs | This action extracts all IOCs from the content. |
Extract Domains | This action extracts domains (FQDN, sub-domains) from URL/content. |
Extract E-mail | This action extracts the E-mail from the content. |
Extract Hash | This action extracts hash (sha1, md5, sha256, ssdeep) values from content. |
Check Hash Type | This action checks the hash type. |
Match Regex | This action matches a custom regular expression(regex) and extracts details from the content. |
Convert Dictionary to JSON | This action converts the dictionary to JSON. |
Get Hash of Content-file | This action can be used to get the hash of file/content. |
Extract IPv4 | This action extracts the IPV4 address from the content. |
Append Content to File | This action appends content to a specific file. |
Get File MIME type | This action retrieves the MIME type of file. |
Read CSV file | This action reads CSV file content. |
Utility to Convert Epoch to ISO Time | This action converts epoch to ISO time. |
Remove HTML Tags | The action removes HTML tags. |
Extract IPv6 | This action helps extract all IP6 addresses. |
Check If IP Address is Public or Private | This action checks whether the user-provided IP address is a public or private network. |
Segregate Public and Private IP Addresses | This action segregates public and private IP addresses. |
Get Unique Items | This action removes duplicate entries in the input list provided. |
Decode Base64 and Write File | This action decodes base64 content and writes it to a file. |
Create XLSX File (To be Deprecated) | This action creates an XLSX file. |
Write File on Local Server | This action writes a file on a local server. |
Read Content from File in Local Server | This action reads content from a local file path. |
Append Content to File on Local Server | This action appends content to a file on a local server. |
Get Time As Epoch | This action retrieves the current time in Epoch format. |
Get Time As ISO Format | This action retrieves the current time in ISO format. |
Time Delta | This action performs addition or subtraction of time from an Epoch. |
Create XLSX File with Sheets | This action creates an XLSX file with multiple sheets. Alternatively, it can be utilized to create an XLSX file with just a single sheet |
ISO to Epoch | This action converts an ISO time formatted string to an epoch timestamp. |
Read Content from File | This action reads the content from the local file. |
Configuration Parameters
The Cyware Utility app does not require configuration parameters to connect to the endpoint.
Action: Append Content to File
This action appends content to a specific file.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to append to the file. Example: Incident details to append | Text | Required |
|
File Path | Enter the file path you want to append to the content. Example: /documents/read/incident.txt | Text | Required |
|
Example Request
[
{
"file_path": "/documents/read/incident.txt",
"content": "Incident details to append"
}
]Action: Check Hash Type
This action checks the hash type.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Hash | Enter the hash value to check the hash type. Example: 874xxxxxxxxxxxxxxxx1633f5c74f5 | Text | Required | Supported Hash types:
|
Example Request
[
{
"hash": "874xxxxxxxxxxxxxxxxx1633f5c74f5"
}
]Action: Check if a Key Exists in a Dictionary
This action checks if a key exists in a dictionary.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Key | Enter the name to check in the dictionary. Example: John Doe | Text | Required | |
Dictionary | Enter the dictionary name to search for the key. Example: Users | Any | Required |
Example Request
[
{
"key":"John Doe",
"dictionary":"Users"
}
]Action: Check if Length is Zero
This action checks if the length of content is zero (empty). If it is zero, then false is returned.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to check the length. Example: John Doe | Any | Required |
Example Input
[
{
"content": "John Doe"
}
]Action: Check Network Status (Deprecated)
This action checks if the network is online or offline.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Hostname | Enter the hostname to check the network status. Example: hostname.com | Text | Required | |
Port | Enter the port. | Text | Optional | Default: 443 |
Example Request
[
{
"hostname":"hostname.com"
}
]Action: Check URL Redirection
This action checks URL redirection.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URL | Enter the URL to check redirection. Example: https://cyware.com | Text | Required |
|
Example Request
[
{
"url": "https://cyware.com"
}
]Action: Comma Separated String of All the Keys
This action returns a comma-separated string of all the keys.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Dictionaries | Enter the list of dictionaries for the keys. {"a": "example"} | Any | Required |
|
Key | Enter the key. Example: incident | Any | Required |
|
Example Request
[
{
"content_key": "incident",
"content_list":
{
"a": "example"
}
}
]Action: Convert CSV to JSON
This action converts CSV file content into JSON format.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
File Path | Enter the CSV file path. Example: /documents/read/incident.txt | Text | Required |
|
Example Request
[
{
"filepath": "/documents/read/incident.txt"
}
]Action: Convert Datetime String to Epoch
This action converts datetime string to epoch.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Datetime String | Enter the datetime string to convert to epoch time. Example: 2020-06-13 | Text | Required |
|
Example Request
[
{
"datetime_str": "2020-06-13"
}
]Action: Convert Dictionary to JSON
This action converts the dictionary to JSON.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the dictionary to convert to JSON. | Any | Required |
|
Example Request
[
{
"content": "Phishing Details"
}
]Action: Convert XML Content to JSON
This action converts XML content to JSON.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the XML content to convert to JSON. Example: ?xml version=\"1.0\" encoding=\"UTF-8\"? ;<note> <to>User1</to> <from>User2</from> <heading>heading values</heading> <body>body content here</body> </note> | XML String | Required |
Example Request
[
{
"content": "?xml version=\"1.0\" encoding=\"UTF-8\"? ;<note> <to>User1</to> <from>User2</from> <heading>heading values</heading> <body>body content here</body> </note>"
}
]Action: Create CSV File
This action creates a CSV file using provided content and schema. This action returns a file path of the created CSV file. You can use the action Read CSV File and pass the file path of the created CSV file to view the file contents.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
File Name | Enter the file name with the . csv extension. Example: indicators.csv | Text | Required | |
Column Names | Enter the list of column names for the CSV file. Example: $LIST[ioc_type, ip] | Any | Required | |
Column Values | Enter the column values in the form of key-value pairs. Example: ip: $LIST[192.1xx.1.38] ioc_type: $LIST[malware, indicators] | Key-value | Required |
Example Request
[
{
"filename": "indicators.csv",
"column_names": [
"ioc_type",
"ip"
],
"column_values": {
"ip": [
"192.1xx.1.38"
],
"ioc_type": [
"malware, indicators"
]
}
}
]Action: Decode URL
This action decodes the encoded URL.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Encoded URL | Enter the encoded URL to decode. Example: https%3A%2F%2Fwww.sampleurl.com%2F | Text | Required |
Example Request
[
{
"encoded_url": "https%3A%2F%2Fwww.sampleurl.com%2F"
}
]Action: Decoding Content in Base64
This action decodes content with or without bytes in Base64.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to decode. Example: "{W" | Any | Required |
Example Request
[
{
"content": "{W"
}
]Action: Defang Indicator
This action defangs an indicator from the fang indicator value.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Indicator Value | Enter the indicator value to defang. Example: fooATincident[.]com | Text | Required |
Example Request
[
{
"indicator_value": "fooAincident[.]com"
}
]Action: Download Large File
This action downloads a large file.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URL | Enter the URL to download the large file. Example: myrepository.com | Text | Required | |
File Name | Enter the file name for the downloaded file. Example: Incidents | Text | Required | |
Allows Bytes | Specify if the file is needed in bytes. Example: yes | Boolean | Optional |
Example Request
[
{
"url": "myrepository.com",
"filename": "Incidents",
"allows_bytes": yes
}
]Action: Download Remote File
This action downloads a remote file using a URL and returns the local file path.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URL | Enter the URL to download the file. Example: myrepository.com | Text | Required |
|
File Name | Enter the file name to store in the local path. Example: Incidents | Text | Required |
|
Example Request
[
{
"url": "myrepository.com",
"filename": "Incidents"
}
]Action: Encoding Content in Base64
This action encodes the content in base64 with utf-8 string and with or without bytes.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to encode in Base64. Example: Details about a phishing incident | Any | Required |
|
Convert Result to UTF | Specify if you need to convert the results to utf-8 format. Example: yes | Boolean | Optional | Default value: yes |
Your Source Format | Specify the source format. Select yes for UTF. Select no for binary. Example: yes | Boolean | Optional | Allowed values:
|
Example Request
[
{
"content": "Details about a phishing incident",
"allow_bytes": yes,
"allow_utf": yes
}
]Action: Extract Domains
This action extracts domains (FQDN, sub-domains) from URL or content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to extract domains. Example: cyware.com has a plethora of resources to get threat intel feeds | Text | Required | |
New TLDs | Enter one or more top-level domains (TLDs) to be added to the regex pattern. For example, to add .org to the regex pattern, include | List | Optional | This parameter allows you to add TLDs that are not currently supported for domain extraction. When you submit the request, these TLDs are integrated with the regex pattern for future use within the playbook, ensuring accurate identification of FQDNs without repeated entry. |
Example Input
[
{
"content": "cyware.com has a plethora of resources to get threat intel feeds"
}
]Action: Extract E-mail
This action extracts the E-mail from the content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to extract the email. Example: Example content with example@email.com | Text | Required |
Example Input
[
{
"content": "Example content with example@email.com"
}
]Action: Extract Hash
This action extracts hash (SHA1, MD5, SHA256, ssdeep) values from content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to extract hash. Example: Example content with 8743b52063cd84097a65d1633f5c74f5 | Text | Required |
Example Input
[
{
"content": "Example content with 8743b52063cd84097a65d1633f5c74f5"
}
]Action: Extract IOCs
This action extracts all IOCs from the content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to extract IOCs. | Any | Required |
Example Input
[
{
"content": "Example content with IOC 1.1.1.1"
}
]Action: Extract IPv4
This action extracts the IPv4 address from the content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to extract IP values. Example: Example content containing 152.19.95.83 | Any | Required |
Example Input
[
{
"content": "Example content containing 152.19.95.83"
}
]Action: Extract URL
This action extracts all URLs from the content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to extract URL. Example: Example content with URL https://exampleurl.com/ | Text | Required |
Example Input
[
{
"content": "Example content with URL https://exampleurl.com/"
}
]Action: Fang Indicator
This action is used to fang an Indicator from the defang Indicator value.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Indicator Value | Enter the indicator value to defang. Example: 1.1.1.1 | Text | Required |
|
Example Input
[
{
"indicator_value": "1.1.1.1"
}
]Action: Get Alias from Domain
This action retrieves an alias from a domain.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Domain | Enter the domain to get alias. | Text | Required |
Example Input
[
{
"domain": "www.exampledomain.com"
}
]Action: Get a List of IP Addresses from Domain
This action retrieves a list of IP addresses from a domain.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Domain | Enter the domain values to get a list of IP addresses from domain. Example: www.exampledomain.com | Text | Required |
Example Input
[
{
"domain": "www.exampledomain.com"
}
]Action: Get file MIME type
This action retrieves the MIME type of file.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
File path | Enter the file path to get the MIME type. Example: /Documents/Read/examplefile.txt | Text | Required |
Example Input
[
{
"filepath": "/documents/read/examplefile.txt"
}
]Action: Get Hash of Content-file
This action can be used to get the hash of file/content.
Input Parameter
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
File Path | Enter the file location to get hash. | Text | Optional | |
Content | Enter the content of the hash file. | Any | Optional |
Example Input
[
{
"file_path": "/documents/read/examplefile.txt",
"content": "Example Content"
}
]Action: Get Host from IP Address
This action retrieves the host from the IP address.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the IP address to get the host details. Example: 1.1.1.1 | Text | Required |
Example Input
[
{
"ip_address": "1.1.1.1"
}
]Action: Get IP Address from Domain
This action retrieves an IP address from a domain.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Domain | Enter the domain value to get the associated IP address. | Text | Required |
Example Input
[
{
"domain": "Example Domain"
}
]Action: ISO to Epoch
This action converts an ISO time-formatted string to an epoch timestamp.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
ISO Time | Enter the ISO formatted date as a string. Example: 1978-02-24T00:00:000Z | Text | Required |
Example Request
[
{
"iso_time": "1978-02-24T00:00:000Z"
}
]Action: Match Regex
This action matches a custom regular expression(regex) and extracts details from the content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Regex | Enter the custom regex expression. Example: <(.*?)> | Text | Required | Note: The action is using the re.findall() python method, here are some regex param examples:
This character represents the value to be extracted from the surrounding characters: (.*?) |
Content | Enter the content to extract the details. Example: Example Content | Text | Required |
Example Input
[
{
"regx": "<(.*?)>",
"content": "Sample Content"
}
]Action: Parse URL
This action parses the URL(s) into its components.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URL | Enter the URL to parse. Example: www.example.com | Text | Required |
Example Input
[
{
"url": "www.example.com"
}
]Action: Read Content from File
This action reads the content from the local file.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
File Path | Enter the path of the local file. Example: tmp/incident.txt | Text | Required |
Example Request
[
{
"file_path": "tmp/incident.txt"
}
]Action: Read Content From Files
This action reads the content from the local file.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
File Path | Enter the file location path to read the file content. Example: /temp/examplefile.txt | Text | Required | |
PDF Password | If the PDF file is password protected, enter the password to open the PDF. | Password | Optional | |
Read File As Dictionary | Enter true to read the CSV file as a dictionary. | Boolean | Optional | Default value: False |
Ignore Errors in RTF file | Enter true to ignore the UnicodeDecodingErrors in the RTF file. | Boolean | Optional | Default value: False |
Encoding in RTF File Extension | Enter the file encoding of the RTF file other than UTF-8. Example: latin-1 | Text | Optional | Default value: UTF-8 |
Example Input
[
{
"filepath": "/temp/examplefile.txt"
}
]Action: Read CSV file
This action reads CSV file content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
File path | Enter the CSV file path. Example: /Documents/Read/examplefile.csv | Text | Required | |
Read file as dictionary | Specify if you want to read the file as a dictionary. Example: True | Boolean | Optional | Allowed values:
Default value:
|
Example Input
[
{
"filepath": "/documents/read/examplefile.csv",
"read_dict": "True"
}
]Action: Resolve Shortened URL
This action resolves unshortened URL.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URL | Enter the shortened URL to resolve. Example: https:/shorturl.com/example | Text | Required |
Example Input
[
{
"url": "https:/shorturl.com/example"
}
]Action: Return an Input
This action returns the input as output.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content to return as output. Example: sample content | Any | Required |
Example Input
[
{
"content": "sample content"
}
]Action: Return the Length of Content
This action returns the length of the content.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content. Example: Example Content | Any | Required |
Example Input
[
{
"content": "Example Content"
}
]Action: Reverse DNS Lookup
This action performs a reverse DNS lookup.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the IP address to perform the DNS lookup. Example: 1.1.1.1 | Text | Required |
Example Input
[
{
"ip_address": "1.1.1.1"
}
]Action: Utility to Convert Epoch to ISO time
This action converts epoch to ISO time.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Epoch Time | Enter the epoch time to convert. | Text | Required | |
Time Zone | Enter the time zone. Example:
| Default value: UTC |
Example Input
[
{
"epoch_time": "1628865672",
"time_zone": "Asia/Kolkata"
}
]Action: Whois Hostname Lookup
This action can be used to perform a Whois hostname lookup.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Hostname | Enter the hostname to perform the Whois lookup. Example: demo.org | Text | Required |
Example Input
[
{
"hostname": "demo.org"
}
]Action: Write File
This action writes a file from content and returns the local file path.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Content | Enter the content for the file. | Any | Required | |
File Name | Enter the name for the file. | Text | Required |
Example Input
[
{
"content": "Example Content",
"filename": "Example File"
}
]Action: Remove HTML Tags
The action removes HTML tags.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Raw HTML String | Enter the raw HTML string. Example: <html><head>header</head><body>samplecontent</body></html> | Text | Required |
Example Input
[
{
"raw_html_str": "<html><head>header</html>
<body>samplecontent</body></html>"
}
]Action: Extract IPv6
This action extracts all IPv6 addresses.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Content | Enter the content to extract IPv6 addresses. Example: Time=13:10, IP address 2001:db8:3333:4444:CCCC:DDDD:EEEE:FFFF is for sample DNS | Text | Required |
Example Input
[
{
"content": "Time=13:10, IP address 2001:db8:3333:4444:CCCC:DDDD:EEEE:FFFF is for sample DNS"
}
]Action: Check If IP Address is Public or Private
This action checks whether the user-provided IP address is a public or private network.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
IP Address | Enter the IP address to check if it is public or private. Example: 172.16.16.12 | Any | Required |
|
Example Input
[
{
"input_ip_address": "172.16.16.12"
}
]Action: Segregate Public and Private IP Addresses
This action segregates the public and private IP addresses.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
List of IP Address | Provide the IP address list to segregate the public and private IP addresses. Example: $LIST[192.168.2.1, 192.168.2.2, 192.168.2.3, 1.1.1.1, 8.8.8.8, 172.16.1.2, 172.16.16.12] | List | Required |
Example Input
[
{
"ip_list": [
"192.168.2.1",
"192.168.2.2",
"192.168.2.3",
"1.1.1.1",
"8.8.8.8",
"172.16.1.2",
"172.16.16.12"
]
}
]Action: Get Unique Items
This action removes duplicate entries in the input list provided.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Input List | Enter a list to remove duplicate entries. Example: $LIST[1,2,3,4,5,6,1,1,1,1,item1,item1] | List | Required |
Example Input
[
{
"input_list": [
"1",
"2",
"3",
"4",
"5",
"6",
"1",
"1",
"1",
"1",
"1",
"item1",
"item1"
]
}
]Action: Decode Base64 and Write File
This action decodes Base64 content and writes it to a file.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Filename | Enter a filename. Example: samplefile.xlsx | Text | Required | |
Content | Enter the Base64 encoded content that you need to write to a file. Example: aGkgdGhpcyBpcyBhIGR1bW15IHRlc3QgZmlsZQ== | Text | Required |
Example Request
[
{
"content": "aGkgdGhpcyBpcyBhIGR1bW15IHRlc3QgZmlsZQ==",
"filename": "sample_file"
}
]Action: Create XLSX File (To be Deprecated)
This action creates an XLSX file. Note that this action will soon be deprecated. It is recommended to use the newly introduced action Create XLSX File with Sheets
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Filename | Enter the file name of the XLSX file. Example: incidents.xlsx | Text | Required | |
Headers | Enter a list of headers of the XLSX file. Example: $LIST[name, incident_id] | List | Optional | |
Values | Enter a multi-dimensional list of values that you need to add to the XLSX file. Example: $LIST[$LIST[Phishing,1876],$LIST[Ransomware,2768],$LIST[Smishing,38908]] | List | Optional |
Example Request
[
{
"data": "[[Phishing,1876],[Ransomware,2768],[Smishing,38908]]",
"header": ["name","incident_id"],
"filename": "incident.xlsx"
}
]Action: Check Network Status (Deprecated)
This action checks if the network is online or offline.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Hostname | Enter the hostname to check the network status. Example: hostname.com | Text | Required | |
Port | Enter the port. | Text | Optional | Default: 443 |
Example Request
[
{
"hostname":"hostname.com"
}
]Action: Append Content to File on Local Server
This action appends content to a file on a local server.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
File Path | Enter the local path of the file to append the content. Example: tmp/incident.txt | Text | Required | |
Content | Enter the content to append to the file. Example: Details about a phishing incident | Text | Required |
Example Request
[
{
"content":"Details about a phishing incident",
"file_path":"tmp/incident.txt "
}
]Action: Read Content from File in Local Server
This action reads content from a local file path.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
File Path | Enter the local file path to read the content. Example: tmp/incident.txt | Text | Required |
|
Example Request
[
{
"file_path": "tmp/incident.txt"
}
]Action: Write File on Local Server
This action writes a file on a local server.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
File Name | Enter the file name. Example: incident.txt | Text | Required | |
Content | Enter the content. Example: Details about a phishing incident | Any | Required |
Example Request
[
{
"filename":"incident.txt",
"content":"Details about a phishing incident"
}
]Action: Get Time As Epoch
This action retrieves the current time in epoch format.
Example:
1545925769
Action Input Parameters
This action does not require any input parameter.
Action: Get Time As ISO Format
This action retrieves the current time in ISO format.
Example:
2017-12-31T00:00:00
Action Input Parameters
This action does not require any input parameter.
Action: Time Delta
This action performs the addition or subtraction of time from an epoch.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Input Time As Epoch | Enter a time in epoch format. If no epoch is entered, the current time will be considered. Example: 1545925769 | Integer | Optional |
|
Hours | Enter the number of hours to add or subtract from an epoch. Example: 1, -12 | Integer | Optional |
|
Minutes | Enter the number of minutes to add or subtract from an epoch. Example: 1, -30 | Integer | Required |
|
Seconds | Enter the number of seconds to add or subtract. Example: 1, -45 | Integer | Optional |
|
Action: Create XLSX File with Sheets
This action creates an XLSX file with multiple sheets. Alternatively, it can be utilized to create an XLSX file with just a single sheet.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Filename | Enter the XLSX filename | Text | Required |
|
Sheets Name | Enter the list of sheets name to be included in the XLSX file. Example: $LIST['Sheet_1'] | List | Required |
|
Headers | Enter the sheet-wise list of columns (headers) to be added to the spreadsheet, specifying them sheet by sheet. Example: {'Sheet_1':['First Name', 'Last Name', 'User ID'],'Sheet_2':['Emp ID','Emp Name']} | Key Value | Optional |
|
Values | Enter the sheet-wise multi-dimensional list of values organized by the sheet name to be added to the spreadsheet. Example: {'Sheet_1':[['bob', 'smith', '111'], ['mary', 'jane', '112']],'Sheet_2':[['1213','Aman'],['1334','Aru']]} | Key Value | Optional |
|