-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.yml
49 lines (41 loc) · 1.31 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
---
- name: Testing GreyNoise modules
hosts: localhost
vars:
greynoise_api_key: "6dc6a60206ab2eb5ce982e74922959fe25940432b384263aecce26adbb3c204a"
tasks:
- name: List all tags
greynoise:
action: list_tags
greynoise_api_key: "{{ greynoise_api_key }}"
register: results
- debug:
msg: "{{ results }}"
- name: Query IP with GreyNoise
greynoise:
action: query_ip
ip: "178.153.38.136"
greynoise_api_key: "{{ greynoise_api_key }}"
register: results
- debug:
msg: "{{ results }}"
- name: Show name and category with classification malicious from previous results
debug:
msg: "{{ item.actor }} - {{ item.metadata.category }}"
with_items:
- "{{ results.json.data }}"
when: item.classification == "malicious"
- name: Query tag with GreyNoise
greynoise:
action: query_tag
tag: "EternalBlue"
greynoise_api_key: "{{ greynoise_api_key }}"
register: results
- debug:
msg: "{{ results }}"
- name: Show IP and organization with classification malicious from previous results
debug:
msg: "{{ item.ip }} - {{ item.metadata.organization }}"
with_items:
- "{{ results.json.data }}"
when: item.classification == "malicious"