#
# Search assistant text for custom search command
#
[options]
syntax = (wildcard_prefix=<column_names>)? | (wildcard_suffix=<column_names>)? | (wildcard_affix=<column_names>)? | (message=<string>)?
description = 'wildcard_*' controls which columns have their values\
affixed with a wildcard character. The affixed value is added to a\
new column. 'message' adds a custom message to new column custom_message.
[message-option]
syntax = (message=<string>)?
description = 'message' adds a custom message to new column custom_message.
[geturlhausfilter-command]
syntax = geturlhausfilter <options>
description = Get urlhaus-filter from malware-filter.
usage = public
example = | geturlhausfilter wildcard_prefix="path" message="lorem ipsum"
related = getphishingfilter getpupfilter getvnbadsitefilter getbotnetfilter
[getphishingfilter-command]
syntax = getphishingfilter <options>
description = Get phishing-filter from malware-filter.
usage = public
example = | getphishingfilter wildcard_prefix="path" message="lorem ipsum"
related = geturlhausfilter getpupfilter getvnbadsitefilter getbotnetfilter
[getpupfilter-command]
syntax = getpupfilter <options>
description = Get pup-filter from malware-filter.
usage = public
example = | getpupfilter wildcard_prefix="path" message="lorem ipsum"
related = geturlhausfilter getphishingfilter getvnbadsitefilter getbotnetfilter
[getvnbadsitefilter-command]
syntax = getvnbadsitefilter <options>
description = Get vn-badsite-filter from malware-filter.
usage = public
example = | getvnbadsitefilter wildcard_prefix="path" message="lorem ipsum"
related = geturlhausfilter getphishingfilter getpupfilter getbotnetfilter
[getbotnetfilter-command]
syntax = getbotnetfilter <message-option>
shortdesc = Get botnet-filter from malware-filter.
description = Get botnet-filter from malware-filter.\
Please use 'getbotnetip' whenever possible.
usage = public
example = | getbotnetfilter message="lorem ipsum"
related = geturlhausfilter getphishingfilter getpupfilter getvnbadsitefilter
[getbotnetip-command]
syntax = getbotnetip <message-option>
description = Get botnet IPs from Feodo Tracker.
usage = public
example = | getbotnetip message="lorem ipsum"
related = getopendbl
[getopendbl-command]
syntax = getopendbl <message-option>
description = Get IP blocklists from Open Dynamic Block Lists (Opendbl).
usage = public
example = | getopendbl message="lorem ipsum"
related = getbotnetip