Farsight Security DNSDB

Farsight Security's DNSDB is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure.

Integration with LogicHub

Connecting with Farsight Security DNSDB

To connect to Farsight Security DNSDB following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • API Key: The API key to connect to the Farsight Security DNSDB.

Actions with Farsight Security DNSDB

Lookup RRset

The RRset lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

Inputs to this Action:

  • Connections: Choose a connection that you have created.
  • Owner Name Column Name: The name of the column holding the owner name of an RRset.
  • RRType Column Name (Optional): The name of the column holding the RRType to use.
  • Bailiwick Column Name (Optional): The name of the column holding the Bailiwick to use.
  • Before Column Name (Optional): Filter results by time.
  • After Column Name (Optional): Filter results by time.

Output of Action:

  • has_error: True/False
  • error: Message/Null
  • result: Success/Failure message.
{
   "has_error": true,
   "error": "An error occurred: HTTP Error 400: Bad Request"
}

Lookup Rdata by Name

The Rdata lookup queries DNSDB's Rdata index, which supports inverse lookups based on Rdata record values.

Inputs to this Action:

  • Connections: Choose a connection that you have created.
  • Type Column Name: The name of the column holding the type of a Rdata lookup. Should be 'name', 'ip' or 'raw'.
  • Value Column Name: The name of the column holding the value to use for the query.
  • RRType Column Name: The name of the column holding the RRType to use.
  • Before Column Name: Filter results by time.
  • After Column Name: Filter results by time.

Output of Action:

  • result: result: Success/Failure message.
{
   "has_error": true,
   "error": "An error occurred: HTTP Error 400: Bad Request"
}

Did this page help you?