TAXII feeds
|
Function availability based on the service level of subscription Access to this functionality is dependent on the service level of your subscription. Not all functionality described in this topic is available to all users. |
Data feeds are available as STIX feeds and JSON feeds via TAXII. The feeds can be accessed in the TAXII FEED section or you can incorporate it into your internal system by standard TAXII interface. See our sample python script for accessing TAXII feeds . Once downloaded and extracted, open the script in a simple text editor to see further instructions for use.
JSON and STIX feed formats
In the TAXII feed section each feed is available in 2 formats. For example:
•ei.botnet (json) — JSON feed format
•ei.botnet (stix2) — STIX version 2.0 feed
To preview feeds in the portal, select a report collection and then select one of the available options, or click the corresponding number under Last 1h, Last 5h or Last day column.
Alternatively, click a report link under More blocks, then click a data range of non-zero Volume under Blocks.
If you click Download, the feed opens in a new tab. Right-click the new feed and select Save.
You can choose from several types of feeds: