Skip to main content

Workflow Template: Silent Push - IP Address Enrichment with Cache

Receives an IP Address from a parent workflow and query Silent Push for enrichment.

Updated today

The "Silent Push - IP Address Enrichment with Cache" workflow template is designed for efficient threat intelligence enrichment. It receives an IP address from a parent workflow and checks a local cache for any previously stored reputation data. If found, it returns the cached data, saving time and resources. If not, it queries Silent Push for comprehensive IP enrichment, providing detailed analysis and reputation insights. This workflow is ideal for enhancing security operations by quickly identifying potential threats and reducing redundant API calls.

Take Me to the Template

Optional Triggers

["This workflow is intended to be used as a function."]

Use Cases

Function , Threat Intelligence Enrichment

Workflow Breakdown

  1. Receives an IP Address as input.

  2. Lookup global variables for cached responses in the past 24 hours.

  3. If reputation is found on local cache, the saved data is returned to the parent workflow.

  4. When no reputation is found in cache, a summary of the analysis data is created and saved with the original api data.

Vendors

Utils, Torq, Silent Push

Workflow Output

Returns full analysis data and a summary of the information.

Tips

  • Set "Provide Raw Data Analysis" to true or false to add or remove original vendor information to the output.

Related Articles
Workflow Template: Shodan - Domain Enrichment with Cache
Workflow Template: Pangea - IP Address Enrichment with Cache
Workflow Template: Silent Push - Domain Enrichment with Cache
Workflow Template: Recorded Future - IP Address Enrichment with Cache
Workflow Template: Shodan - IP Address Enrichment with Cache
Did this answer your question?