
    SEKOIA.IO CTI – Develop

    To develop, integrate and automate your workflows, build with the SEKOIA.IO REST API.

    Quickstart

      Popular Guides

    Filtering
    The filtering method used by SEKOIA.IO REST API.

      Popular REST APIs

    • Intelligence
    • Enrichments
    • Telemetry
    • Notification
    • Community
    Copyright 2022 SEKOIA. All rights reserved.