curl --request GET \
  --url https://app.onefirewall.com/api/v1/ips/{ipv4} \
  --header 'Authorization: <api-key>'
{
  "header": {
    "type": "IPv4",
    "version": 2,
    "ts": "1684014988",
    "page_size": 1,
    "delay": 0,
    "eval": "return (scoreTimeZero) / (1 + Math.exp( (3/(scoreTimeZero)) * ((current_time/3600) - (2.5 * scoreTimeZero))))",
    "exec_python": "score = (scoreTimeZero) / (1 + numpy.exp( (3/(scoreTimeZero)) * ((current_time/3600) - (2.5 * scoreTimeZero))))",
    "user": {
      "guid": "OFA-GUID-XXXX-XXXX-XXXX",
      "name": "Your name",
      "surname": "Your surname",
      "username": "Your email",
      "role": 0,
      "unsuccessful_login": 0,
      "member_of": {
        "gid": "OFA-GID-XXXXXXX",
        "name": "Organisation name",
        "trust": 0.9,
        "delay": "0"
      }
    }
  },
  "body": [
    {
      "gid": "OFA-RULE-GID-XXXXXX",
      "ip": "XXX.YYY.ZZZ.WWW",
      "ts": 1684015144,
      "entry_ts": 1683928684,
      "is_network": false,
      "ip_info": {
        "as_domain": "cloudflare.com",
        "as_name": "Cloudflare, Inc.",
        "asn": "AS13335",
        "continent": "NA",
        "continent_name": "North America",
        "country": "US",
        "country_name": "United States"
      },
      "score": 34,
      "info": {
        "members": 1,
        "events": 1,
        "sources": [
          "sshlog"
        ],
        "stix_bundles": [],
        "attack_infos": [],
        "notes": [
          "May 12 23:47:55 OFA-SRV2 sshd[12317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=XXX.YYY.ZZZ.WWW user=root"
        ]
      },
      "elk_ts": "2023-05-13T21:59:04.000Z",
      "elk_entry_ts": "2023-05-12T21:58:04.000Z",
      "delay": 0,
      "dec": 8.3e-7
    }
  ]
}
Call the API /api/v1/ips/<IPv4> to retrieve the information OneFirewall holds for the requested IPv4 address, if it is present in the OneFirewall Data lake. This API is useful when you want to verify whether OneFirewall has information about the actor in question.
Authorization Token
A single IPv4
The response is of type string.
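The following Python sketch is an added example, not OneFirewall's own client code. It validates the address before it is placed in the request path, reads the score and sources from a response of the shape shown above, and evaluates the decay formula from header.exec_python locally instead of executing the returned string. The function names, the constructed sample and the reading of current_time as elapsed seconds are assumptions.

```python
import ipaddress
import json
import math

BASE = "https://app.onefirewall.com/api/v1/ips/"  # endpoint from the page

# Constructed sample: trimmed copy of the response shape shown on this page,
# with a documentation address (192.0.2.10) in place of the masked IP.
SAMPLE = json.loads("""
{"header": {"type": "IPv4", "version": 2},
 "body": [{"ip": "192.0.2.10", "ts": 1684015144, "entry_ts": 1683928684,
           "is_network": false, "score": 34,
           "info": {"members": 1, "events": 1, "sources": ["sshlog"]}}]}
""")

def lookup_url(ip):
    """Build the request URL, rejecting anything that is not a single IPv4."""
    return BASE + str(ipaddress.IPv4Address(ip))  # raises ValueError otherwise

def decayed_score(score_time_zero, current_time):
    """header.exec_python re-implemented locally instead of exec()'ing the string.
    Assumption: current_time is elapsed seconds, as the /3600 suggests."""
    if score_time_zero <= 0:
        return 0.0
    exponent = (3 / score_time_zero) * ((current_time / 3600) - 2.5 * score_time_zero)
    if exponent > 700:  # math.exp would overflow; the score has decayed to zero
        return 0.0
    return score_time_zero / (1 + math.exp(exponent))

def summarize(response):
    """Return (ip, score, sources) for each body entry; an empty body yields []."""
    rows = []
    for entry in response.get("body", []):
        ip = str(ipaddress.IPv4Address(entry["ip"]))
        rows.append((ip, entry["score"], entry.get("info", {}).get("sources", [])))
    return rows

if __name__ == "__main__":
    print(lookup_url("192.0.2.10"))
    print(summarize(SAMPLE))
    for hours in (0, 85, 170):
        print(hours, round(decayed_score(34, hours * 3600), 2))
```

With the formula as given, a score falls to half of scoreTimeZero when current_time/3600 equals 2.5 * scoreTimeZero.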