https://github.com/ReconInfoSec/ansible-greynoise
Ansible modules for the GreyNoise API
https://github.com/ReconInfoSec/ansible-greynoise
Last synced: 6 months ago
JSON representation
Ansible modules for the GreyNoise API
- Host: GitHub
- URL: https://github.com/ReconInfoSec/ansible-greynoise
- Owner: ReconInfoSec
- License: gpl-3.0
- Created: 2019-04-17T02:14:30.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2020-02-24T16:47:56.000Z (over 5 years ago)
- Last Synced: 2024-11-17T01:28:45.821Z (12 months ago)
- Language: Python
- Size: 18.6 KB
- Stars: 8
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-ip-search-engines - Ansible GreyNoise
README
# ansible-greynoise
Ansible modules for the [GreyNoise](https://github.com/GreyNoise-Intelligence) API
A full example playbook can be found in `main.yml`.
`ansible-playbook main.yml -vvvv`
### Modules
* greynoise
* list_tags
* query_ip
* query_tag
### Examples
```
- name: List all tags
greynoise:
action: list_tags
register: results
- name: Query IP with GreyNoise
greynoise:
action: query_ip
ip: "178.153.38.136"
key: "{{ greynoise_api_key }}"
register: results
- name: Show name and category with intention malicious from previous results
debug:
msg: "{{ item.name }} - {{ item.category }}"
with_items:
- "{{ results.json.records }}"
when: item.intention == "malicious"
- name: Query tag with GreyNoise
greynoise:
action: query_tag
tag: "PHP_WORM"
key: "{{ greynoise_api_key }}"
register: results
- name: Show IP and organization with intention malicious from previous results
debug:
msg: "{{ item.ip }} - {{ item.metadata.org }}"
with_items:
- "{{ results.json.records }}"
when: item.intention == "malicious"
```