IBM QRadar SOAR

  • 1.  fetching virus total through api using network shell command

    Posted Mon May 05, 2025 09:21 AM

    Can you help me with how to fetch the VirusTotal rep value for a list of IPs through the API using the network util shell command function?



    ------------------------------
    Sai Kumar Reddy Dhubbaka
    ------------------------------


  • 2.  RE: fetching virus total through api using network shell command

    Posted Mon May 05, 2025 11:42 AM

    Hello,

    I am going to need more details about what you are trying to accomplish.

    You can use the VirusTotal integration to get the details about an IP address (these include the reputation). You can only get the details of one IP address at a time.

    Here is a link to the API call for VirusTotal: https://docs.virustotal.com/reference/ip-info



    ------------------------------
    Richard Swierk
    ------------------------------



  • 3.  RE: fetching virus total through api using network shell command

    Posted 21 days ago

    Hi Richard,

    I need to fetch the reputation for a list of IPs or URLs through a loop. It can be possible through the VT function in SOAR, or I want to use a custom script.

    Thanks,

    Sai



    ------------------------------
    Sai Kumar Reddy Dhubbaka
    ------------------------------



  • 4.  RE: fetching virus total through api using network shell command

    Posted 21 days ago

    I do not believe either way is possible, as there is no looping capability in playbooks or workflows. I believe, as of right now, you would have to call the playbook for each individual IP or URL.

    How is the list of IPs/URLs created? Are you inputting a list or is there another playbook creating this list?

    If another playbook is creating this list, then the following could be done:

    1. The playbook that creates the list of IPs/URLs could create an artifact for each IP/URL in the list.
    2. An automatic playbook would run off the creation of an IP/URL artifact and would then fetch the reputation for that IP/URL.


    ------------------------------
    Richard Swierk
    ------------------------------
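
Added example, not part of the thread and not IBM's or VirusTotal's code: a stand-alone Python script, run outside SOAR playbooks, that loops over a list of IPs with one request per address against the endpoint from the linked ip-info documentation. It assumes the VirusTotal API v3 `x-apikey` header and the `reputation` and `last_analysis_stats` response fields; the function names are hypothetical and the sample responses are constructed.

```python
import ipaddress
import json
import urllib.request

# Endpoint behind the linked ip-info documentation (VirusTotal API v3, assumed).
VT_IP_URL = "https://www.virustotal.com/api/v3/ip_addresses/{ip}"


def public_ips(values):
    """Validate and de-duplicate; internal addresses are never sent to a third party."""
    seen, out = set(), []
    for raw in values:
        try:
            ip = ipaddress.ip_address(raw.strip())
        except ValueError:
            continue  # not an IP address
        if ip.is_global and str(ip) not in seen:
            seen.add(str(ip))
            out.append(str(ip))
    return out


def vt_fetch(ip, api_key, timeout=15):
    """One GET per address: the endpoint takes a single IP."""
    req = urllib.request.Request(VT_IP_URL.format(ip=ip), headers={"x-apikey": api_key})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


def reputation(body):
    """Extract the reputation score and malicious-engine count from one response."""
    attrs = body.get("data", {}).get("attributes", {})
    stats = attrs.get("last_analysis_stats", {})
    return {"reputation": attrs.get("reputation"), "malicious": stats.get("malicious", 0)}


def lookup_all(values, fetch):
    """Loop over the list; a failure on one IP is recorded and the loop continues."""
    results = {}
    for ip in public_ips(values):
        try:
            results[ip] = reputation(fetch(ip))
        except Exception as exc:  # HTTP 404/429, timeout, malformed JSON, ...
            results[ip] = {"error": str(exc)}
    return results


# Constructed sample responses (not real VirusTotal data) so the example runs offline.
SAMPLE = {
    "8.8.8.8": {"data": {"attributes": {"reputation": 10, "last_analysis_stats": {"malicious": 0}}}},
    "1.1.1.1": {"data": {"attributes": {"reputation": 3, "last_analysis_stats": {"malicious": 0}}}},
}

if __name__ == "__main__":
    print(lookup_all(["8.8.8.8", "10.0.0.5", "bad", "8.8.8.8", "1.1.1.1"], SAMPLE.__getitem__))
```

For live lookups, pass `lambda ip: vt_fetch(ip, api_key)` as `fetch` and pace the loop to stay within your API key's request quota.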