Overview
VirusTotal inspects items with over 70 antivirus scanners and URL/domain blocklisting services, in addition to a myriad of tools to extract signals from the studied content. Any user can select a file from their computer using their browser and send it to VirusTotal. VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API.
Prerequisites
- Logsign 6.3.+ versions support this integration.
Configure On Virustotal
Forwarding settings are completed as follows:
- Log in to the Virustotal portal.
- Click the API key button.
- And then copy the value.
Configure On Logsign
Forwarding settings are completed as follows:
- Click Settings > Integrations > Responses.
- In the ‘Search’ part, write Virustotal.
- Click ‘Configure’ and then click ‘+Device’.
- Define the settings as follows:
- Device Name: Define the Device Name.
- Api Key: Specify the api key.
- Click Create to save the changes.
Methods
GET-IP-REPUTATION
- Device: Select the configuration you have configured.
- Ip: Define the ip you want to query reputation.
GET-URL-REPUTATION
- Device: Select the configuration you have configured.
- Url: Define the url you want to query reputation.
ANALYZE-URL
- Device: Select the configuration you have configured.
- Url: Define the url you want to analyze.