Farsight DNSDB

22 min

dnsdb is a database that stores and indexes both the passive dns data available via farsight security’s security information exchange as well as the authoritative dns data that various zone operators make available prerequisites the farsight dnsdb asset requires an api key capabilities this connector provides the following capabilities lookup rdata lookup rrset rate limit summarize rdata summarize rrset configurations dnsdb asset authenticate using api key configuration parameters parameter description type required apikey api key for authentication string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions lookup rdata the “rdata” lookup queries dnsdb rdata index, which supports “inverse” lookups based on rdata record values input argument name type required description type string required type of the resource value string required value for the parameter ignore limited boolean required manually suppresses querylimited exceptions raised by the server if the query results exceed the row limited rrtype string optional type of the resource limit number optional parameter for lookup rdata time first before number optional parameter for lookup rdata time last before number optional parameter for lookup rdata time first after number optional parameter for lookup rdata time last after number optional parameter for lookup rdata aggr boolean optional parameter for lookup rdata offset number optional parameter for lookup rdata output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "response headers" {}, "json body" \[ { "count" 5, "time first" 1706649024, "time last" 1710882816, "rrname" "identity msbe cie ac ", "rrtype" "a", "rdata" \[ "8 8 8 8" ] }, { "count" 2, "time first" 1598818650, "time last" 1598818650, "rrname" "dmn ac ", "rrtype" "a", "rdata" \[ "8 8 8 8" ] }, { "count" 38, "time first" 1620106630, "time last" 1620119528, "rrname" "lee ac ", "rrtype" "a", "rdata" \[ "8 8 8 8" ] } ] } ] lookup rrset the “rrset” lookup queries dnsdb rrset index, which supports “forward” lookups based on the owner name of an rrset input argument name type required description owner name string optional name of the resource rrtype string optional type of the resource ignore limited boolean required manually suppresses querylimited exceptions raised by the server if the query results exceed the row limited bailiwick string optional parameter for lookup rrset limit number optional parameter for lookup rrset time first before number optional parameter for lookup rrset time last before number optional parameter for lookup rrset time first after number optional parameter for lookup rrset time last after number optional parameter for lookup rrset aggr boolean optional parameter for lookup rrset offset number optional parameter for lookup rrset output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "response headers" {}, "json body" \[ { "count" 59, "time first" 1410402569, "time last" 1418156730, "rrname" "swimlane com ", "rrtype" "a", "bailiwick" "swimlane com ", "rdata" \[ "50 62 69 1" ] }, { "count" 7362, "time first" 1425951270, "time last" 1456509794, "rrname" "swimlane com ", "rrtype" "a", "bailiwick" "swimlane com ", "rdata" \[ "50 116 22 188" ] }, { "count" 1535, "time first" 1418257869, "time last" 1425945579, "rrname" "swimlane com ", "rrtype" "a", "bailiwick" "swimlane com ", "rdata" \[ "72 249 150 47" ] } ] } ] rate limit returns the api rate limits of dnsdb output parameter type description rate object output field rate limit number output field limit reset number output field reset offset max number output field offset max results max number result of the operation remaining number output field remaining example \[ { "json body" { "rate" {} } } ] summarize rdata the dnsdb api only supports one summarize result format, the “json” format input argument name type required description type string required type of the resource value string required value for the parameter rrtype string optional type of the resource limit number optional parameter for summarize rdata time first before number optional parameter for summarize rdata time last before number optional parameter for summarize rdata time first after number optional parameter for summarize rdata time last after number optional parameter for summarize rdata aggr boolean optional parameter for summarize rdata max count number optional count value output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "response headers" {}, "json body" \[ {} ] } ] summarize rrset the dnsdb api only supports one summarize result format, the “json” format endpoint url /dnsdb/v2/summarize/rrset method get input argument name type required description owner name string required name of the resource rrtype string optional type of the resource bailiwick string optional parameter for summarize rrset limit number optional parameter for summarize rrset time first before number optional parameter for summarize rrset time last before number optional parameter for summarize rrset time first after number optional parameter for summarize rrset time last after number optional parameter for summarize rrset aggr boolean optional parameter for summarize rrset max count number optional count value output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "response headers" {}, "json body" \[ {} ] } ] notes api documentation link https //www domaintools com/resources/user guides/farsight dnsdb api version 2 documentation/python sdk https //pypi org/project/dnsdb2/