(Optional) Run enrichment lookup and verify expected results for Whois
Run the Whois integration to perform enrichment lookups on the domains returned from the Reverse Whois integration.
始める前に
Verify that you have installed and configured the Reverse Whois and Whois plugins. Perform these steps only after you have run the domain lookup with the Reverse Whois plugin successfully.
Role required: sn_si.analystこのタスクについて
手順
-
Select the Reverse Whois Domains tab at the bottom of
the record.
In the Domains column, the list of returned domains is displayed.
-
In the Observable column, click an observable.
On the Child Observables tab, the child observables are displayed. The child observables are generated only if the initial scan of the observable by the Reverse Whois application returned domains.
-
Select the child observables you want to run the observable enrichment on, and,
in the Action on selected rows choice list, select
Run Observable Enrichment.
The Run Observable Enrichment dialog box is displayed.
-
Move the Whois
integration from Available to
Selected and click
Submit.
Results are displayed on the Observable Enrichment Results tab of the observable record.
-
Click the blue information icon then click Open Record
in the dialog box that is displayed.
More information and raw data related to the original domain lookup is displayed, such as the registration date, name of registrar, and country of origin.