TwinWave
This connector integrates TwinWave's REST API with Swimlane Turbine.

## Prerequisites

This connector requires the following input parameters to authenticate:

- URL
- API key

## Capabilities

This connector provides the following capabilities:

- Download submitted resource
- Get an artifact
- Get engines list
- Get a job's normalized forensics
- Get a job summary
- Get a task's normalized forensics
- Get a task's raw forensics
- Resubmit job
- Retrieve a PDF report
- Search across job resources and forensics
- Submit file for scanning
- Submit URL for scanning

### Note

- The priority parameter should be between 1 and 255.
- The count parameter should not be more than 100.

## Configurations

### TwinWave API Key Authentication

Authenticates using an API key.

#### Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | required |
| x api key | API key | string | required |
| verify ssl | Verify SSL certificate | boolean | optional |
| http proxy | A proxy to route requests through | string | optional |

## Actions

### Download submitted resource

Download a password-protected ZIP archive of the resource. Use the password `infected` to decrypt the archive.

Endpoint URL: `/v1/jobs/{{job id}}/resources/{{sha256}}`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| job id | string | required | Previous job ID of the task |
| sha256 | string | required | SHA-256 for the job's resource |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| file | object | Attachments |
| file | string | Output field file |
| file name | string | Name of the resource |

#### Example

```json
[
  {
    "file": {
      "file": "string",
      "file name": "example name"
    }
  }
]
```

### Get artifact

Get an artifact.

Endpoint URL: `/v1/jobs/artifacts/{{artifact path}}`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| artifact path | string | required | Path from the forensic items image and savedartifacts |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| file | object | Attachments |
| file | string | Output field file |
| file name | string | Name of the resource |

#### Example

```json
[
  {
    "file": {
      "file": "string",
      "file name": "example name"
    }
  }
]
```

### Get engines list

List available engines.

Endpoint URL: `/v1/engines`
Method: GET

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Get job normalized forensics

Get a job's consolidated forensics generated across all resources and all engines during the analysis.

Endpoint URL: `/v1/jobs/{{job id}}/forensics`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| job id | string | required | Previous job ID to get normalized forensics |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Get job summary

Get summary of a job.

Endpoint URL: `/v1/jobs/{{job id}}`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| job id | string | required | Previous job ID to get summary |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Get task normalized forensics

Get forensics associated with a specific resource and engine analysis run.

Endpoint URL: `/v1/jobs/{{job id}}/tasks/{{task id}}/forensics`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| job id | string | required | Previous job ID of the task |
| task id | string | required | Task ID to get normalized forensics |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Get task raw forensics

Get a task's raw forensics.

Endpoint URL: `/v1/jobs/{{job id}}/tasks/{{task id}}/rawforensics`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| job id | string | required | Previous job ID of the task |
| task id | string | required | Task ID to get raw forensics |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Resubmit job

Resubmit a job.

Endpoint URL: `/v1/jobs/{{job id}}/reanalyze`

Method: POST

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| job id | string | required | Previous job ID to be re-submitted as a new job |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Retrieve a PDF report

Retrieve a PDF report.

Endpoint URL: `/v1/jobs/{{job id}}/pdfreport`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| job id | string | required | Previous job ID to get summary |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| file | object | Attachments |
| file | string | Output field file |
| file name | string | Name of the resource |

#### Example

```json
[
  {
    "file": {
      "file": "string",
      "file name": "example name"
    }
  }
]
```

### Search job resources and forensics

Search across job resources or forensics.

Endpoint URL: `/v1/jobs/searchv2`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| mode | string | optional | Parameter for search job resources and forensics |
| term | string | optional | Specify the string to search for in the specified field |
| field | string | optional | Specify in which field to look for the matching term. Accepted values: detection name, detection desc, domain, filename, filetype, hostname, ip, md5, mimetype, sha256, tag, url |
| type | string | optional | Specify whether the term must be an exact match, a case-insensitive substring match, startswith match, endswith match, or a tokenized search. Accepted values: exact, substring, startswith, endswith, tokenized |
| count | number | optional | Specify number of results to be returned. Max value: 100 |
| shared only | boolean | optional | Specify true to only search across jobs (and their resources) which have been shared |
| verdict | string | optional | Verdict. Accepted value: malware, phish, spam |
| start time | string | optional | Specify the start time in ISO format to search jobs starting from the specified time. This value is inclusive |
| end time | string | optional | Specify the end time in ISO format to search jobs before the specified time. This value is exclusive |
| page | number | optional | The page for which you want results. Default: 1 |
| score min | number | optional | Only return jobs with a score greater than or equal to the value in (between 0 and 1.0). Defaults to 0 |
| score max | number | optional | Only return jobs with a score less than or equal to the value in (between 0 and 1.0). Defaults to 0 |
| api key id | string | optional | Only return jobs submitted using the given API key ID |
| submitted by | string | optional | Specify a username or part of a username |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Submit file for scanning

Submit new file for scanning.

Endpoint URL: `/v1/jobs/files`

Method: POST

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| data body | object | optional | Response data |
| priority | number | optional | Parameter for submit file for scanning |
| profile | string | optional | Parameter for submit file for scanning |
| engines | array | optional | Parameter for submit file for scanning |
| archive document password | string | optional | Parameter for submit file for scanning |
| decode rewritten urls | boolean | optional | URL endpoint for the request |
| user agent | string | optional | Parameter for submit file for scanning |
| wa exit region | string | optional | Parameter for submit file for scanning |
| files | array | required | Parameter for submit file for scanning |
| file name | string | required | Name of the resource |
| file | string | required | Parameter for submit file for scanning |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```

### Submit URL for scanning

Submit new URL for scanning.
Endpoint URL: `/v1/jobs/urls`

Method: POST

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| url | string | required | The target URL to visit and analyze |
| priority | number | optional | The job's priority relative to other jobs. Jobs with a lower priority value are processed before those with a higher value. Valid priority values are between 1 and 255. Default priority: 10 |
| profile | string | optional | An optional profile name that defines the analysis behavior to be used during the analysis for this job. If no profile name is submitted, the system will use the default profile |
| engines | array | optional | List of engines to be used during the analysis. If you'd like to use the default engines for your account, omit this parameter |
| archive document password | string | optional | A password for extracting files from password-protected archive files or for decrypting documents |
| decode rewritten urls | boolean | optional | Controls whether rewritten URLs from a number of vendors (Proofpoint, Menlo Security, etc.) are automatically decoded |
| user agent | string | optional | Specify a custom user agent for Web Analyzer to use. Omit to use the default. You can specify a raw user agent string, or supply one of the common user agent aliases to get canned user agents for common devices |
| wa exit region | string | optional | Specify a custom GeoIP-based exit region for Web Analyzer runs. Valid values are us residential, us, asia, europe |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "response headers": {},
    "json body": {}
  }
]
```
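
A pre-flight check for the limits this page documents on the search and submit actions: count at most 100, priority between 1 and 255, the accepted field, type and verdict values, scores within 0 to 1.0, and an inclusive start time with an exclusive end time. This is an added example, not code from the connector or from TwinWave; `validate`, `search_query` and the underscore-joined parameter names in the query string are assumptions.

```python
from datetime import datetime
from urllib.parse import urlencode

# Accepted values and limits as printed in the tables on this page.
FIELDS = {"detection name", "detection desc", "domain", "filename", "filetype",
          "hostname", "ip", "md5", "mimetype", "sha256", "tag", "url"}
MATCH_TYPES = {"exact", "substring", "startswith", "endswith", "tokenized"}
VERDICTS = {"malware", "phish", "spam"}
_score = lambda v: isinstance(v, (int, float)) and 0 <= v <= 1.0
RULES = {
    "field": lambda v: v in FIELDS,
    "type": lambda v: v in MATCH_TYPES,
    "verdict": lambda v: v in VERDICTS,
    "count": lambda v: isinstance(v, int) and v <= 100,
    "priority": lambda v: isinstance(v, int) and 1 <= v <= 255,
    "score min": _score,
    "score max": _score,
}

def validate(params):
    """Return a list of problems; empty means the inputs fit the documented limits."""
    errors = [f"{k}: {v!r} is outside the documented values"
              for k, v in params.items() if k in RULES and not RULES[k](v)]
    lo, hi = params.get("score min"), params.get("score max")
    if _score(lo) and _score(hi) and lo > hi:
        errors.append("score min is greater than score max")
    if "start time" in params and "end time" in params:
        try:
            start = datetime.fromisoformat(params["start time"])
            end = datetime.fromisoformat(params["end time"])
            # start is inclusive and end is exclusive, so start == end matches nothing.
            if start >= end:
                errors.append("end time must be later than start time")
        except (ValueError, TypeError):
            errors.append("start time and end time must be comparable ISO timestamps")
    return errors

def search_query(params):
    """Build the query string for /v1/jobs/searchv2, or raise if validation fails."""
    errors = validate(params)
    if errors:
        raise ValueError("; ".join(errors))
    # Assumption: names printed with spaces on this page use underscores on the wire.
    return urlencode({k.replace(" ", "_"): v for k, v in params.items()})

# Constructed sample input, not taken from a real job.
SAMPLE = {"term": "invoice", "field": "filename", "type": "substring", "count": 50,
          "start time": "2024-01-01T00:00:00+00:00", "end time": "2024-01-02T00:00:00+00:00"}
```

Running `validate` on playbook inputs before calling the action reports every out-of-range value at once instead of one failed request at a time.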