Fortinet Document Library

Version:


Table of Contents

1.0.0
Copy Link

About the connector

Whois RDAP is a service that enables you to retrieve information about the location of IP addresses, servers, or websites. You can find out the owner of the Internet resource and their contact details.

This document provides information about the Whois RDAP connector, which facilitates automated interactions, with a Whois RDAP server using CyOPs™ playbooks. Add the Whois RDAP connector as a step in CyOPs™ playbooks and perform automated operations such as, retrieving Whois data for a specified IP address.

 

Version information

Connector Version: 1.0.0

CyOPs™ Version Tested on: 4.11.0-1161

 

Installing the connector

For the procedure to install a connector, click here.

 

Prerequisites to configuring the connector

To access the CyOPs™ UI, ensure that port 443 is open through the firewall for the CyOPs™ instance.

 

Configuring the connector

You do not require to configure this connector since it looks up the freely accessible Whois RDAP service.

To view the connector, log on to CyOPs™ and click Automation > Connectors. On the Connectors page, you will see the Whois RDAP connector. Click the Whois RDAP connector row to open the connection actions and bundled playbooks.
To view the list of actions that can be performed by the connector, click the Actions tab.
To view the playbook file that is bundled with the connector, click the Playbooks tab. You can see the bundled playbooks by clicking on the Sample - Whois RDAP - 1.0.0 link after importing the Whois RDAP connector. Refer to the Included Playbooks section for details on the bundled playbooks. You can see the bundled playbooks in the Automation > Playbooks section in CyOPs™ after importing the Whois RDAP connector.

If you want to know the procedure of configuring a connector, click here.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from CyOPs™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Whois IP IP address for which you want to retrieve Whois data. whois_ip
Investigation

 

operation: Whois IP

Input parameters

 

Parameter Description
IP Address IPv4 or IPv6 address for which you want to retrieve Whois data.

 

Output

The JSON output contains information about the location of IP addresses, servers, or websites, retrieved from the Whois RDAP service. Using this information, you can find out the owner of Internet resource and their contact details.

Following image displays a sample output:

 

Sample output of the Whois IP operation

 

Included playbooks

The Sample - Whois RDAP - 1.0.0 playbook collection comes bundled with the Whois RDAP connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in CyOPs™ after importing the Whois RDAP connector.

  • Whois IP

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.

 

About the connector

Whois RDAP is a service that enables you to retrieve information about the location of IP addresses, servers, or websites. You can find out the owner of the Internet resource and their contact details.

This document provides information about the Whois RDAP connector, which facilitates automated interactions, with a Whois RDAP server using CyOPs™ playbooks. Add the Whois RDAP connector as a step in CyOPs™ playbooks and perform automated operations such as, retrieving Whois data for a specified IP address.

 

Version information

Connector Version: 1.0.0

CyOPs™ Version Tested on: 4.11.0-1161

 

Installing the connector

For the procedure to install a connector, click here.

 

Prerequisites to configuring the connector

To access the CyOPs™ UI, ensure that port 443 is open through the firewall for the CyOPs™ instance.

 

Configuring the connector

You do not require to configure this connector since it looks up the freely accessible Whois RDAP service.

To view the connector, log on to CyOPs™ and click Automation > Connectors. On the Connectors page, you will see the Whois RDAP connector. Click the Whois RDAP connector row to open the connection actions and bundled playbooks.
To view the list of actions that can be performed by the connector, click the Actions tab.
To view the playbook file that is bundled with the connector, click the Playbooks tab. You can see the bundled playbooks by clicking on the Sample - Whois RDAP - 1.0.0 link after importing the Whois RDAP connector. Refer to the Included Playbooks section for details on the bundled playbooks. You can see the bundled playbooks in the Automation > Playbooks section in CyOPs™ after importing the Whois RDAP connector.

If you want to know the procedure of configuring a connector, click here.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from CyOPs™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Whois IP IP address for which you want to retrieve Whois data. whois_ip
Investigation

 

operation: Whois IP

Input parameters

 

Parameter Description
IP Address IPv4 or IPv6 address for which you want to retrieve Whois data.

 

Output

The JSON output contains information about the location of IP addresses, servers, or websites, retrieved from the Whois RDAP service. Using this information, you can find out the owner of Internet resource and their contact details.

Following image displays a sample output:

 

Sample output of the Whois IP operation

 

Included playbooks

The Sample - Whois RDAP - 1.0.0 playbook collection comes bundled with the Whois RDAP connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in CyOPs™ after importing the Whois RDAP connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.