cif manual page¶
SYNOPSIS¶
cif [–config] [–remote] [–token] [-q] [–limit] [–feed] [–format] example.org
cif –otype ipv4 –format csv –feed
cif –otype ipv4 –format bro –feed
DESCRIPTION¶
cif is a command line tool for searching the CIF API.
OPTIONS¶
-h, --help | Show the default help message |
-v, --verbose | Verbose mode, more output from successful actions will be shown. |
-d, --debug | Debug mode, more output from actions will be shown. |
--token | Specify the API Token to be used, overrides any token specified in the config file. |
--config | Specify the configuration file to be used. |
--remote | Specify the remote api url. |
--limit | Override the default search results LIMIT when searching. |
--format | Specify an output format to represent the data (table, csv, etc..). |
--no-verify-ssl | |
Disable TLS verification for the remote API. | |
--timeout | Specify a timeout for the remote API. |
-p, --ping | Ping the remote API. |
--sort | Sort the results from a search. |
--submit | Pass a JSON encoded set of observables through STD to the API. |
-q, --search | Search the API. |
--firsttime | Filter results by firsttime >= ‘YYYY-MM-DDTHH:mm:ssZ’ |
--lasttime | Filter results by lasttime >= ‘YYYY-MM-DDTHH:mm:ssZ’ |
--tags | Filter results by a set of tags (ex: ‘botnet,zeus’). |
--description | Filter results by description (ex: ‘zeus’) |
--otype | Filter results by otype (ex: ipv4) |
--cc | Filter results by country code (ex: US) |
--confidence | Filter results by confidence >= N |
--rdata | Filter results by rdata |
--provider | Filter results by provider |
--asn | Filter results by ASN number |
--feed | Perform a “feed aggregation” of the results. |
--whitelist-limit | |
Specify a limit on a generated whitelist [requires –feed]. | |
--last-day | Filter results by the last 24hours. |
--days | Filter results by the N days. |
--aggregate | Aggregate the results based on ‘observable’ |
FILES¶
~/.cif.yml – Config file, used if present to connect to the CIF API
SEE ALSO¶
Extensive documentation is available in the documentation site: <py-cifsdk.rtfd.org>.