DomainTools
Integration version: 7.0
Configure DomainTools integration in Google Security Operations
For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations.
Actions
Get Domain Profile
Description
Enrich an external ___domain entity with DomainTools that threatens data from Intelligence and returns a CSV output.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the following entities:
- URL
- Hostname
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Get Domain Risk
Description
Enrich the external ___domain entity with the ___domain risk score that was given by DomainTools data.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| Threshold | String | N/A | Mark entity as suspicious if the ___domain risk score passes the given threshold. e.g. 3. |
Use cases
N/A
Run On
This action runs on the following entities:
- URL
- Hostname
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_risky | True/False | is_risky:False |
JSON Result
N/A
Get Hosting History
Description
Receive, enrich, and add a CSV table to the Domain Hosting History Information.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the following entities:
- URL
- Hostname
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Ping
Description
Test Connectivity.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the following entities:
- URL
- Hostname
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Recent Domains
Description
Look for new domains with a specific word in them.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| String Query | String | N/A | Search for new domains containing a particular word. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| null | N/A | N/A |
JSON Result
N/A
Reverse Domain
Description
Find IPs pointing to a certain ___domain.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the following entities:
- URL
- Hostname
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| null | N/A | N/A |
JSON Result
N/A
Reverse Email
Description
Find domains with an email address in their WhoIs record.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the User entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| null | N/A | N/A |
JSON Result
N/A
Reverse IP
Description
Find ___domain names that share a particular IP address.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| null | N/A | N/A |
JSON Result
N/A
Need more help? Get answers from Community members and Google SecOps professionals.