[ 1 Connect Farsight Security DNSDB with Devo SOAR ] [ 2 Actions for Farsight Security DNSDB ] [ 2.1 Lookup RRset ] [ 2.1.1 Input Field ] [ 2.1.2 Output ] [ 3 Release Notes ]

Farsight Security's DNSDB is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure.

Connect Farsight Security DNSDB with Devo SOAR

Navigate to Automations > Integrations.
Search for Farsight Security DNSDB.
Click Details, then the + icon. Enter the required information in the following fields.
Label: Enter a connection name.
Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
Remote Agent: Run this integration using the Devo SOAR Remote Agent.
API Key: The API key to connect to the Farsight Security DNSDB.
After you've entered all the details, click Connect.

Actions for Farsight Security DNSDB

Lookup RRset

The RRset lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required

Input Name	Description	Required
Owner Name Column Name	The name of the column holding the owner name of an RRset.
RRType Column Name	The name of the column holding the RRType to use.	Optional
Bailiwick Column Name	The name of the column holding the Bailiwick to use.	Optional
Before Column Name	Filter results by time.	Optional
After Column Name	Filter results by time.	Optional

Output

A JSON object containing multiple rows of result:

has_error: True/False
error: Message/Null
result: Success/Failure message.

``` {json}{ "has_error": true, "error": "An error occurred: HTTP Error 400: Bad Request" }


## Lookup Rdata by Name

The Rdata lookup queries DNSDB's Rdata index, which supports inverse lookups based on Rdata record values.

### Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

| Input Name         | Description                                                                                 | Required |
| :----------------- | :------------------------------------------------------------------------------------------ | :------- |
| Type Column Name   | The name of the column holding the type of a Rdata lookup. Should be 'name', 'ip' or 'raw'. | Required |
| Value Column Name  | The name of the column holding the value to use for the query.                              | Required |
| RRType Column Name | The name of the column holding the RRType to use.                                           | Required |
| Before Column Name | Filter results by time.                                                                     | Required |
| After Column Name  | Filter results by time.                                                                     | Required |

### Output

A JSON object containing multiple rows of result:

- result: result: Success/Failure message.


``` {json}{
   "has_error": true,
   "error": "An error occurred: HTTP Error 400: Bad Request"
}

Release Notes

v2.0.0 - Updated architecture to support IO via filesystem
v1.0.9 - Added documentation link in the automation library.