post
https://www.virustotal.com/api/v3/intelligence/hunting_rulesets//relationships/associations
Use this endpoint to add associations between IoC Collections and a certain Hunting ruleset.
This endpoint requires the user to be the owner or an editor of involved objects, and IOC Collections' descriptors as follows:
{
"data": [
{
"id": "<_string_> IoC Collection identifier",
"type": "collection"
}
]
}To find your IoC Collections identifiers, navigate to your Profile from the user menu in the top-right corner of the web interface, then go to the COLLECTIONS tab and open the specific collections you're interested in. You'll find the IoC Collection identifier in the URL.
Examples
Create new associations between 20899097850 Hunting ruleset and ab622fb5f4e6382109fe89ed466aafbaef1b79c31cb2c7e1d1f59ffde772715f and 27b2351c8da7419a80cbeb108ac3ac91406af5e33c7158df4e2f2be54809ef64 IoC Collections.
import requests
payload = {
"data":
[
{
"id": "ab622fb5f4e6382109fe89ed466aafbaef1b79c31cb2c7e1d1f59ffde772715f",
"type": "collection"
},
{
"id": "27b2351c8da7419a80cbeb108ac3ac91406af5e33c7158df4e2f2be54809ef64",
"type": "collection"
}
]
}
id = "20899097850"
url = f"https://www.virustotal.com/api/v3/intelligence/hunting_rulesets/{id}/relationships/associations"
headers = {
"accept": "application/json","x-apikey": <api-key>,"content-type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)