Open Threat Exchange (OTX) Ruby Wrapper
Open Threat Exchange is an open community that allows participants to learn about the latest threats, research indicators of compromise observed in their environments, share threats they have identified, and automatically update their security infrastructure with the latest indicators to defend their environment.
This gem provides a wrapper for Ruby applications to pull pulses from OTX and be consumed by the ruby application.
Add this line to your application's Gemfile:
And then execute:
Or install it yourself as:
$ gem install otx_ruby
require `otx_ruby` api_key = '4xxx........' otx = ::.(apikey) # Get all subscribed pulses pulses = otx.get_all # Read contents of a single pulse pulse_id = '56xxxx..........' pulses = ::.(apikey) pulse = pulses.get_pulse(pulse_id)
Library requires your API key this can be found in your settings page https://otx.alienvault.com/settings
The API uses ISO Format timestamps, however there is a quirk, the API seems to use Python style timestamps as a result it is important to ensure that the sent time stamp uses the UTC format when sent
After checking out the repo, run
bin/setup to install dependencies. Then, run
rake test to run the tests. You can also run
bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run
bundle exec rake install. To release a new version, update the version number in
version.rb, and then run
bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the
.gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/mort666/otx_ruby.