Install and configure Reverse Whois

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 6분

    • Before you run the integration on your instance, complete the installation and configuration steps so the Reverse Whois application properly integrates with the Security Operations product.

    시작하기 전에

    Complete the following setup checklist prior to installation. These setup tasks are required for a smooth installation and configuration.
    Setup task Description
    Verify that you have assigned the required ServiceNow roles. The following roles are required for installation, configuration, and verification of expected results:
    • The System Administrator (admin) installs the app and assigns the Security Incident Administrator (sn_si.admin) role.
    • The Security Incident Administrator (sn_si.admin) oversees the configuration. The security incident administrator also assigns the Security Incident Analyst (sn_si.analyst) role.
    • The Security Incident Analyst (sn_si.analyst) performs domain lookups with Reverse Whois and analyzes and works with security incidents.
    Obtain an API key. Visit the WhoisXML API website for information on API keys and to create an account: WhoisXML API website. The configuration requires that you enter the API keys.
    Verify that the ServiceNow core applications that are required to support the integration are installed and activated before you install the application for the integration.

    Madrid and later release requirements

    For the Madrid release and later family releases, the Security Incident Response Dependency plugin (com.snc.si_dep) is required. This plugin automatically installs all the dependencies that are required to support the Security Incident Response product. Install and activate this plugin before you install and activate the other Security Operations applications required by the integration.

    Verify that the following Security Operations applications are installed and activated from the ServiceNow Store. If not installed, install and activate one application at a time in the following order to ensure a smooth installation.

    1. Security Incident Response
    2. Security Integration Framework
    3. Security Support Common
    4. Security Support Orchestration

    For more information on setting up your ServiceNow AI Platform instance for the integration, see Get entitlement for a Security Operations product or application and Activate a ServiceNow Store application.

    Role required: admin

    프로시저

    1. If you have already installed and configured the Reverse Whois application, follow these steps:
      1. Delete the existing configuration.
      2. Install and create a new configuration using the API key that you have obtained.
    2. If you have not installed the application for the integration, see Install a Security Operations integration and follow the steps to install it.
    3. After the installation completes, navigate to Integrations > Integrations Configurations and locate the Reverse Whois API tile.
    4. Click Configure.
      A description of the app and the button used to initiate the configuration.
    5. In the Reverse Whois API Configuration dialog box, enter the API key you obtained from the Whois XML API website.
    6. Choose one option in the following table to filter domain lookups for your search terms.
      DescriptionSetting
      Your search includes all domains, active and expired, that were registered after the Since date for the search terms you enter.

      This is the recommended setting.

      		 Since date: Date entered in yyyy-mm-dd format. For example, 1991-06-01 for June 1, 1991.
      Your search includes all active domains for the search terms you enter. Since date: Field cleared.
      These configuration settings remain saved until you change them and apply to all Reverse Whois API searches.
      Reverse Whois API Configuration completed configuration.
    7. Click Submit.
      Configuration is successfully completed unless an error message is displayed.
    If an error message is displayed, the API key may be invalid.
    그림 1. Error message
    Configuration error message example.