The IOFA Exports feature empowers Enterprise customers with a centralized solution to access all of IOFA feed data through a single endpoint, encompassing both existing and newly added feeds. It enables users to consolidate threat data by retrieving all IOFA-based threat indicators in one download, automate updates to continuously receive the latest indicators without manual retrieval, and integrate the data into third-party tools using API endpoints in formats like Python, cURL, and pHp for up to three hours post-generation.
An API key is required to view and use this threat intelligence data, with further details available in the knowledge base.
View your IOFA Exports
From the home page, select the menu icon.
Select Data Export.
Select IOFA Exports.
Use the following table to learn what information is accessible from IOFA Exports:
Information Type | Description |
---|---|
Name | Name of the feed |
Observable | Total amount of observables that are in the feed |
Observable Type | Type of observables that are in the feed. For example, IOFAs or IOCs |
Resource Type | Type of creation of the feed (Manual, URL) |
Vendor | The name of the owner of the feed |
Description | Description that the creator of the feed adds when saving the feed |
Tags | Tags and labels that are assigned to the indicator to provide additional context |
Export an API URL
IOFA Feeds can also be exported as a 3-hour time-limited API URL, which you can use to call the JSON.
Navigate to Threat Intelligence Management.
Click View on your chosen feed.
Click the Export button on the top right.
Click Automate Export.
Select your chosen export method:
Python
cURL
pHp
Click the Copy API endpoint.