This section describes search macros contained in the macros.conf file in the app distribution package.
Search macros contained in the app
Macro |
Description |
kl_malicious_hash_lookup |
Macro for looking up indicators in Malicious Hash Data Feed and Demo Malicious Hash Data Feed. |
kl_malicious_url_lookup |
Macro for looking up indicators in Malicious URL Data Feed. |
kl_phishing_url_lookup |
Macro for looking up indicators in Phishing URL Data Feed. |
kl_botnetCnC_hash_lookup |
Macro for looking up indicators in BotnetCnC URL Data Feed and Demo BotnetCnC URL Data Feed. |
kl_botnetCnC_url_lookup |
Macro for looking up indicators in BotnetCnC URL Data Feed and Demo BotnetCnC URL Data Feed. |
kl_mobile_botnet_url_lookup |
Macro for looking up indicators in Mobile Botnet Data Feed. |
kl_mobile_malicious_hash_lookup |
Macro for looking up indicators in Mobile Malicious Hash Data Feed. |
kl_ransomware_url_lookup |
Macro for looking up indicators in Ransomware URL Data Feed. |
kl_mobile_botnet_hash_lookup |
Macro for looking up indicators in Mobile Botnet Data Feed. |
kl_ip_reputation_lookup |
Macro for looking up indicators in IP Reputation Data Feed. |
kl_psms_hash_lookup |
Macro for looking up indicators in P-SMS Trojan Data Feed. |
kl_ip_reputation_hash_lookup |
Macro for looking up hashes in IP Reputation Data Feed. |
kl_ransomware_hash_lookup |
Macro for looking up hashes in Ransomware URL Data Feed. |
kl_malicious_hash_from_url_lookup |
Macro for looking up hashes in Malicious URL Data Feed. |
Macros for looking up hashes process hashes of the following types:
Macros for looking up IP addresses process IPv4 addresses.
Macros for looking up URLs also process host names and domains. You can specify URLs with protocols and ports because the macros normalize URLs before looking up them in the feeds.
Page top