Reference

Search IoCs inside a report

get
https://www.virustotal.com/api/v3/collections//search
šŸš§

Special privileges required

Reports & Analysis are only available to users with the Google Threat Intelligence (Google TI) Enterprise or Enterprise Plus licenses.

Allows to search IoCs inside a report using advanced intelligence queries.

The expected input is the same as /intelligence/search. By default it searches files, in order to search other entities use entity:domain/ip/url.

Examples

Search for IoCs related to a report that meet certain conditions.

import requests
import urllib

object_id = "report--24-10074013"
query = "p:4+"
attributes = "name"
limit = "2"
url = f"https://www.virustotal.com/api/v3/collections/{object_id}/search?query={query}&limit={limit}&attributes={attributes}"
headers = {"accept": "application/json","x-apikey": <api-key>}
response = requests.get(url, headers=headers)
Path Params
string
required
Query Params
string
required
int32
0 to 40
Defaults to 10
string
string
string
string
Headers
string
required
string
enum
Defaults to application/json
Allowed:
Response

Updated 9 months ago

Language
LoadingLoadingā€¦
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json
text/plain

Updated 9 months ago