IPStack searches for the geolocation facility of a specified IP address or Domain.
This document provides information about the IPStack connector, which facilitates automated interactions, with a IPStack server using FortiSOAR™ playbooks. Add the IPStack connector as a step in FortiSOAR™ playbooks and perform automated operations such as, searching and retrieving geolocation locations for a specified IP address or Domain.
Connector Version: 1.0.0
FortiSOAR™ Version Tested on: 4.11.0-1161
IPStack Version Tested on: 3.0
All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum
command to install connectors:
yum install cyops-connector-ipstack
For the detailed procedure to install a connector, click here.
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Connectors page, select the IPStack connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the IPStack server to which you will connect and perform the automated operations. |
API Key | API key configured for your account to access the IPStack server |
Protocol that will be used to communicate, choose either http and https. By default, this is set to http . |
|
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Geolocate IP | Retrieves the geolocation details of the IP address that you specify from the IPStack server. | geolocation Investigation |
Geolocate IP | Retrieves the geolocation details of the domain that you specify from the IPStack server. | geolocation Investigation |
Parameter | Description |
---|---|
IP Address | IP address for which you want to retrieve geolocation details from the IPStack server. |
Specify Response Fields | (Optional) Use this parameter to limit results returned by this operation to a certain object or set of objects. For example, If you specify country_code then this operation returns only the country_code object instead of returning the entire result. |
Enable Hostname Lookup | Select this option (i.e. set to True ) if you want to retrieve the hostname with your API response.By default, this is set to False . |
Enable Security Module | Select this option (i.e. set to True ) if you want to retrieve security information with your API response.By default, this is set to False . |
The JSON output contains the geolocation details of the IP address that you have specified retrieved from the IPStack server.
Following image displays a sample output:
Parameter | Description |
---|---|
IP Address | Name of the domain for which you want to retrieve geolocation details from the IPStack server. Important: Do not prefix the domain name with http, https, or www. |
Specify Response Fields | (Optional) Use this parameter to limit results returned by this operation to a certain object or set of objects. For example, If you specify country_code then this operation returns only the country_code object instead of returning the entire result. |
Enable Hostname Lookup | Select this option (i.e. set to True ) if you want to retrieve the hostname with your API response.By default, this is set to False . |
Enable Security Module | Select this option (i.e. set to True ) if you want to retrieve security information with your API response.By default, this is set to False . |
The JSON output contains the geolocation details of the domain name that you have specified retrieved from the IPStack server.
Following image displays a sample output:
The Sample - IPStack - 1.0.0
playbook collection comes bundled with the IPStack connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the IPStack connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
IPStack searches for the geolocation facility of a specified IP address or Domain.
This document provides information about the IPStack connector, which facilitates automated interactions, with a IPStack server using FortiSOAR™ playbooks. Add the IPStack connector as a step in FortiSOAR™ playbooks and perform automated operations such as, searching and retrieving geolocation locations for a specified IP address or Domain.
Connector Version: 1.0.0
FortiSOAR™ Version Tested on: 4.11.0-1161
IPStack Version Tested on: 3.0
All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum
command to install connectors:
yum install cyops-connector-ipstack
For the detailed procedure to install a connector, click here.
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Connectors page, select the IPStack connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the IPStack server to which you will connect and perform the automated operations. |
API Key | API key configured for your account to access the IPStack server |
Protocol that will be used to communicate, choose either http and https. By default, this is set to http . |
|
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Geolocate IP | Retrieves the geolocation details of the IP address that you specify from the IPStack server. | geolocation Investigation |
Geolocate IP | Retrieves the geolocation details of the domain that you specify from the IPStack server. | geolocation Investigation |
Parameter | Description |
---|---|
IP Address | IP address for which you want to retrieve geolocation details from the IPStack server. |
Specify Response Fields | (Optional) Use this parameter to limit results returned by this operation to a certain object or set of objects. For example, If you specify country_code then this operation returns only the country_code object instead of returning the entire result. |
Enable Hostname Lookup | Select this option (i.e. set to True ) if you want to retrieve the hostname with your API response.By default, this is set to False . |
Enable Security Module | Select this option (i.e. set to True ) if you want to retrieve security information with your API response.By default, this is set to False . |
The JSON output contains the geolocation details of the IP address that you have specified retrieved from the IPStack server.
Following image displays a sample output:
Parameter | Description |
---|---|
IP Address | Name of the domain for which you want to retrieve geolocation details from the IPStack server. Important: Do not prefix the domain name with http, https, or www. |
Specify Response Fields | (Optional) Use this parameter to limit results returned by this operation to a certain object or set of objects. For example, If you specify country_code then this operation returns only the country_code object instead of returning the entire result. |
Enable Hostname Lookup | Select this option (i.e. set to True ) if you want to retrieve the hostname with your API response.By default, this is set to False . |
Enable Security Module | Select this option (i.e. set to True ) if you want to retrieve security information with your API response.By default, this is set to False . |
The JSON output contains the geolocation details of the domain name that you have specified retrieved from the IPStack server.
Following image displays a sample output:
The Sample - IPStack - 1.0.0
playbook collection comes bundled with the IPStack connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the IPStack connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.