post https://www.virustotal.com/api/v3/collections//comments
Special privileges required
Threat Actors and Campaigns are only available to users with the Google Threat Intelligence (Google TI) Enterprise or Enterprise Plus licenses.
With this endpoint you can post a comment for a given threat object (threat actor, campaign, malware & tool or IoC collection). The body for the POST request must be the JSON representation of a comment object. Notice however that you don't need to provide an ID for the object, as they are automatically generated for new comments.
Any word starting with # in your comment's text will be considered a tag, and added to the comment's tag attribute.
{
"data": {
"type": "comment",
"attributes": {
"text": "Lorem #ipsum dolor sit ..."
}
}
}
{
"data": {
"type": "comment",
"id": "<comment's ID>",
"links": {
"self": "https://www.virustotal.com/api/v3/comments/<comment's ID>"
},
"attributes": {
"date": 1521725475,
"tags": ["ipsum"],
"html": "Lorem #ipsum dolor sit ...",
"text": "Lorem #ipsum dolor sit ...",
"votes": {
"abuse": 0,
"negative": 0,
"positive": 0
}
}
}
}