Farsight DNSDB

dnsdb is a database that stores and indexes both the passive dns data available via farsight security’s security information exchange as well as the authoritative dns data that various zone operators make available prerequisites the farsight dnsdb asset requires an api key capabilities this connector provides the following capabilities lookup rdata lookup rrset rate limit summarize rdata summarize rrset notes https //www domaintools com/resources/user guides/farsight dnsdb api version 2 documentation/ https //pypi org/project/dnsdb2/ configurations dnsdb asset authenticate using api key configuration parameters parameter description type required apikey api key for authentication string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions lookup rdata the “rdata” lookup queries dnsdb rdata index, which supports “inverse” lookups based on rdata record values input argument name type required description type string required type of the resource value string required value for the parameter ignore limited boolean required manually suppresses querylimited exceptions raised by the server if the query results exceed the row limited rrtype string optional type of the resource limit number optional parameter for lookup rdata time first before number optional parameter for lookup rdata time last before number optional parameter for lookup rdata time first after number optional parameter for lookup rdata time last after number optional parameter for lookup rdata aggr boolean optional parameter for lookup rdata offset number optional parameter for lookup rdata input example {"type" "ip","value" "8 8 8 8","ignore limited"\ true,"rrtype" "a","limit" 50,"time first before" 1620000000,"time last before" 1620000000,"time first after" 1620000000,"time last after" 1620000000,"aggr"\ true,"offset" 100} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","response headers" {},"json body" \[{"count" 5,"time first" 1706649024,"time last" 1710882816,"rrname" "identity msbe cie ac ","rrtype" "a","rdata" \["8 8 8 8"]},{"count" 2,"time first" 1598818650,"time last" 1598818650,"rrname" "dmn ac ","rrtype" "a","rdata" \["8 8 8 8"]},{"count" 38,"time first" 1620106630,"time last" 1620119528,"rrname" "lee ac ","rrtype" "a","rdata" \["8 8 8 8"]}]} lookup rrset the “rrset” lookup queries dnsdb rrset index, which supports “forward” lookups based on the owner name of an rrset input argument name type required description owner name string optional name of the resource rrtype string optional type of the resource ignore limited boolean required manually suppresses querylimited exceptions raised by the server if the query results exceed the row limited bailiwick string optional parameter for lookup rrset limit number optional parameter for lookup rrset time first before number optional parameter for lookup rrset time last before number optional parameter for lookup rrset time first after number optional parameter for lookup rrset time last after number optional parameter for lookup rrset aggr boolean optional parameter for lookup rrset offset number optional parameter for lookup rrset input example {"owner name" "swimlane com","rrtype" "a","ignore limited"\ true,"bailiwick" "com","limit" 50,"time first before" 1620000000,"time last before" 1620000000,"time first after" 1620000000,"time last after" 1620000000,"aggr"\ true,"offset" 0} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","response headers" {},"json body" \[{"count" 59,"time first" 1410402569,"time last" 1418156730,"rrname" "swimlane com ","rrtype" "a","bailiwick" "swimlane com ","rdata" \["50 62 69 1"]},{"count" 7362,"time first" 1425951270,"time last" 1456509794,"rrname" "swimlane com ","rrtype" "a","bailiwick" "swimlane com ","rdata" \["50 116 22 188"]},{"count" 1535,"time first" 1418257869,"time last" 1425945579,"rrname" "swimlane com ","rrtype" "a","bailiwick" "swimlane com ","r rate limit returns the api rate limits of dnsdb output parameter type description rate object output field rate rate limit number output field rate limit rate reset number output field rate reset rate offset max number output field rate offset max rate results max number result of the operation rate remaining number output field rate remaining output example {"json body" {"rate" {"limit" 100,"reset" 1710979200,"offset max" 3000000,"results max" 1000000,"remaining" 94}}} summarize rdata the dnsdb api only supports one summarize result format, the “json” format input argument name type required description type string required type of the resource value string required value for the parameter rrtype string optional type of the resource limit number optional parameter for summarize rdata time first before number optional parameter for summarize rdata time last before number optional parameter for summarize rdata time first after number optional parameter for summarize rdata time last after number optional parameter for summarize rdata aggr boolean optional parameter for summarize rdata max count number optional count value input example {"type" "name","value" "swimlane com","rrtype" "a","limit" 50,"time first before" 1620000000,"time last before" 1620000000,"time first after" 1620000000,"time last after" 1620000000,"aggr"\ true,"max count" 1000} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","response headers" {},"json body" \[{"count" 20,"num results" 1,"time first" 1411929062,"time last" 1417555530}]} summarize rrset the dnsdb api only supports one summarize result format, the “json” format endpoint url /dnsdb/v2/summarize/rrset method get input argument name type required description owner name string required name of the resource rrtype string optional type of the resource bailiwick string optional parameter for summarize rrset limit number optional parameter for summarize rrset time first before number optional parameter for summarize rrset time last before number optional parameter for summarize rrset time first after number optional parameter for summarize rrset time last after number optional parameter for summarize rrset aggr boolean optional parameter for summarize rrset max count number optional count value input example {"owner name" "swimlane com","rrtype" "a","bailiwick" "com","limit" 50,"time first before" 1620000000,"time last before" 1620000000,"time first after" 1620000000,"time last after" 1620000000,"aggr"\ true,"max count" 1000} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","response headers" {},"json body" \[{"count" 741872,"num results" 306,"time first" 1283175634,"time last" 1710907196,"zone time first" 1272125541,"zone time last" 1710802220}]} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt