Merge pull request #7924 from Security-Onion-Solutions/analyzer-docs

Update analyzer docs with information about analyzers that require au…
2025-12-07 17:52:46 +01:00 · 2022-05-10 09:40:50 -04:00
parent 000e813fbb 91a7f25d3a
commit 7f797a11f8
1 changed files with 17 additions and 0 deletions
--- a/salt/sensoroni/files/analyzers/README.md
+++ b/salt/sensoroni/files/analyzers/README.md
@@ -18,6 +18,23 @@ The built-in analyzers support the following observable types:
 | Urlscan                 |&cross; |&cross;|&cross;|&cross;|&cross;|&cross;|&cross;|&check;|&cross;|
 | Virustotal              |&check; |&check;|&check;|&cross;|&cross;|&cross;|&cross;|&check;|&cross;|

+## Authentication
+Many analyzers require authentication, via an API key or similar. The table below illustrates which analyzers require authentication.
+
+| Name                    | Authn Req'd|
+--------------------------|------------|
+[AlienVault OTX](https://otx.alienvault.com/api)            |&check;|
+[EmailRep](https://emailrep.io/key)                  |&check;|
+[GreyNoise](https://www.greynoise.io/plans/community)                 |&check;|
+JA3er                     |&cross;|
+LocalFile                 |&cross;|
+[Pulsedive](https://pulsedive.com/api/)                 |&check;|
+Spamhaus                  |&cross;|
+Urlhaus                   |&cross;|
+[Urlscan](https://urlscan.io/docs/api/)                   |&check;|
+[VirusTotal](https://developers.virustotal.com/reference/overview)                |&check;|
+
+
 ## Developer Guide

 ### Python