Get Phishing Indicators

TruStar.get_phishing_indicators(from_time=None, to_time=None, normalized_source_score=None, normalized_triage_score=None, status=None, enclave_ids=None, cursor=None)

Get a page of phishing indicators that match the given criteria.

Parameters:
  • from_time (int) – Start of time window in milliseconds since epoch (defaults to 7 days ago).
  • to_time (int) – End of time window in milliseconds since epoch (defaults to current time).
  • normalized_source_score (list(int)) – List of desired scores of intel sources on a scale of 0-3 (default: [3]).
  • normalized_triage_score (list(int)) – List of desired scores of phishing indicators on a scale of 0-3 (default: [3]).
  • enclave_ids (list(string)) – A list of enclave IDs to filter by. (defaults to all of a user’s enclaves)
  • status (list(string)) – List of statuses to filter indicators by. Options are ‘UNRESOLVED’, ‘CONFIRMED’, and ‘IGNORED’. (default: [‘UNRESOLVED’]).
  • cursor (string) – A Base64-encoded string that contains information on how to retrieve the next page. If a cursor isn’t passed, it will default to pageSize: 25, pageNumber: 0