VirusTotal Enrich Connector

Installation

Setting environment variable in docker-compose.yml

Parameter	Docker envvar	Mandatory	Description
`opencti_url`	`OPENCTI_URL`	Yes	The URL of the OpenCTI platform.
`opencti_token`	`OPENCTI_TOKEN`	Yes	The default admin token configured in the OpenCTI platform parameters file.
`connector_id`	`CONNECTOR_ID`	Yes	A valid arbitrary `UUIDv4` that must be unique for this connector.
`virustota_token`	`VIRUSTOTAL_TOKEN`	Yes	Virustotal api token.

Build image

docker build . -t virustotal-enrich-connector:5.4.1

Add connector settings to platform docker-compose.yml

# OpenCTI-Platform docker-compose.yml
...
virustotal-enrich-connector:
    image: virustotal-enrich-connector:5.4.1
    environment:
    - OPENCTI_URL=http://opencti:8080
    - OPENCTI_TOKEN=CHANGEME
    - CONNECTOR_ID=CHANGEME
    - CONNECTOR_TYPE=INTERNAL_ENRICHMENT
    - CONNECTOR_NAME=virustotal_enrichment_connector
    - CONNECTOR_SCOPE=StixFile
    - CONNECTOR_AUTO=True
    - CONNECTOR_CONFIDENCE_LEVEL=100 # From 0 (Unknown) to 100 (Fully trusted)
    - CONNECTOR_LOG_LEVEL=info
    - VIRUSTOTAL_TOKEN=CHANGEME
    restart: always

Start OpenCTI
```
docker compose up -d
```

Requirements

OpenCTI Platform >= 5.4.1

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.vscode		.vscode
virustotal-enrich-connector		virustotal-enrich-connector
.gitignore		.gitignore
.python-version		.python-version
Dockerfile		Dockerfile
README.md		README.md
docker-compose.yml		docker-compose.yml
entrypoint.sh		entrypoint.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

VirusTotal Enrich Connector

Installation

Requirements

About

Releases 1

Packages

Languages

nimaike/virustotal_enrich_connector

Folders and files

Latest commit

History

Repository files navigation

VirusTotal Enrich Connector

Installation

Requirements

About

Resources

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages