Dataminr Pulse

the dataminr pulse connector provides real time alerting and insights from public data sources, enabling organizations to rapidly respond to emerging risks and critical events dataminr pulse is a real time information discovery platform that delivers relevant alerts from across the globe, enabling users to stay ahead of emerging risks the dataminr pulse turbine connector allows users to integrate these capabilities into swimlane turbine, providing automated alert retrieval and list management by leveraging this connector, users can filter and prioritize alerts based on specific criteria, ensuring rapid response to critical events and enhancing situational awareness within their security operations prerequisites to effectively utilize the dataminr pulse connector for turbine, ensure you have the following prerequisites oauth 2 0 client credentials authentication with the following parameters url the endpoint for the dataminr pulse api client id your unique identifier issued by dataminr pulse for api access client secret a secret key provided by dataminr pulse to authenticate your api requests asset setup you will need a client id and client secret along with the url to access the api capabilities this connector provides the following capabilities get alerts get alert lists get alerts input param query is required if lists is not provided input param lists is required if query is not provided for cyber specific alerts only an additional metadata object will be returned in the alert object a description of this object and related fields, along with an example of a cyber alert, is provided below name type description vulnerabilities object contains a list of cve, cvss v2 pairings addresses object list of ip addresses and ports, if available urls list of strings identifier for a specific part of a website referenced in posts which could related to a target or attacker’s infrastructure asns list of strings name of the autonomous systems number of company hosting the impacted service(s) orgs list of strings name of the asn (company hosting the impacted service) hashes list of strings a unique identifier or fingerprint for a file, often a malicious executable products list of strings the server software used on an ip address malwares list of strings malicious software posing a threat threats list of strings ransomware of apt group posing a threat limitations the api does not currently support filtering alerts by time configurations oauth 2 0 client credentials authenticates using oauth 2 0 client credentials configuration parameters parameter description type required url a url to the target host string required client id the client id string required client secret the client secret string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions get alerts retrieves the latest alerts from dataminr pulse based on specified alert version parameters endpoint url api/3/alerts method get input argument name type required description parameters query string optional parameters for the get alerts action parameters lists string optional this is comma delimited set of list ids comma separated string parameters from string optional from points to a cursor that you want any alerts after parameters to string optional to points to a cursor that you want any alerts before parameters num number optional maximum number of alerts to return, default = 40 parameters alertversion number required alertversion must be equal or greater than 14 input example {"parameters" {"query" "(hurricane or fire) and office building"}} output parameter type description status code number http status code of the response reason string response reason phrase data object response data data alerts array response data data alerts alertid string response data data alerts availablerelatedalerts number response data data alerts eventtime number response data data alerts eventvolume number response data data alerts eventlocation object response data data alerts eventlocation coordinates array response data data alerts eventlocation name string response data data alerts eventlocation places array response data data alerts eventlocation radius number response data data alerts source object response data data alerts source displayname string response data data alerts source entityname string response data data alerts source link string response data data alerts source verified boolean response data data alerts source channels array response data data alerts post object response data data alerts post timestamp number response data data alerts post languages array response data data alerts post languages position number response data data alerts post languages lang string response data data alerts post media array response data output example {"status code" 200,"response headers" {"date" "tue, 22 aug 2023 06 08 11 gmt","content type" "application/json;charset=utf 8","content length" "4830","connection" "keep alive","vary" "accept encoding, user agent","content encoding" "gzip","x correlation id" "b3062d5b7dc03328eb970d709e795100, 36e2cc964b21b9228f46dd64bb308fe6","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","access control allow origin" " ","acce get alerts lists retrieve all preconfigured alert lists from dataminr pulse, providing a comprehensive overview of alerts endpoint url account/2/get lists method get output parameter type description status code number http status code of the response reason string response reason phrase watchlists object output field watchlists watchlists topic array output field watchlists topic watchlists topic id number unique identifier watchlists topic type string type of the resource watchlists topic name string name of the resource watchlists topic description string output field watchlists topic description watchlists topic properties object output field watchlists topic properties watchlists topic properties watchlistcolor string output field watchlists topic properties watchlistcolor watchlists company array output field watchlists company watchlists company id number unique identifier watchlists company type string type of the resource watchlists company name string name of the resource watchlists company description string output field watchlists company description watchlists company properties object output field watchlists company properties watchlists company properties watchlistcolor string output field watchlists company properties watchlistcolor watchlists company companies array output field watchlists company companies watchlists company companies id string unique identifier watchlists company companies name string name of the resource output example {"status code" 200,"response headers" {"date" "mon, 21 aug 2023 09 25 55 gmt","content type" "application/json; charset=utf 8","content length" "248","connection" "keep alive","access control max age" "604800","vary" "accept encoding","content encoding" "gzip","x correlation id" "ccc7ea78bae01e8ca8f3ca1fd9c63a86, 46f369571dfe3cbb775911784cf9d34a","strict transport security" "max age=31536000; includesubdomains, max age=31536000; includesubdomains","x frame options" "deny, deny","x rate limit lim response headers header description example access control allow headers http response header access control allow headers authorization, x verify credentials authorization, x auth service provider, x twitter client version, content type access control allow methods http response header access control allow methods get,post,put,delete,patch access control allow origin http response header access control allow origin access control max age http response header access control max age 604800 connection http response header connection keep alive content encoding http response header content encoding gzip content length the length of the response body in bytes 248 content type the media type of the resource application/json;charset=utf 8 date the date and time at which the message was originated tue, 22 aug 2023 06 08 11 gmt strict transport security http response header strict transport security max age=31536000; includesubdomains, max age=31536000; includesubdomains vary http response header vary accept encoding x correlation id a unique identifier for correlating requests b3062d5b7dc03328eb970d709e795100, 36e2cc964b21b9228f46dd64bb308fe6 x frame options http response header x frame options deny, deny x rate limit limit http response header x rate limit limit 60 x rate limit remain http response header x rate limit remain 59 x rate limit reset http response header x rate limit reset 1692610555015