get https://www.virustotal.com/api/v3/collections//search
Special privileges required
Reports & Analysis are only available to users with the Google Threat Intelligence (Google TI) Enterprise or Enterprise Plus licenses.
Allows to search IoCs inside a report using advanced intelligence queries.
The expected input is the same as /intelligence/search. By default it searches files, in order to search other entities use entity:domain/ip/url.
Examples
Search for IoCs related to a report that meet certain conditions.
import requests
import urllib
object_id = "report--24-10074013"
query = "p:4+"
attributes = "name"
limit = "2"
url = f"https://www.virustotal.com/api/v3/collections/{object_id}/search?query={query}&limit={limit}&attributes={attributes}"
headers = {"accept": "application/json","x-apikey": <api-key>}
response = requests.get(url, headers=headers)