No-Code Enrichment with CrowdSec
Use CrowdSec to Gain Real-time, Crowdsourced Cyber Threat Intelligence (CTI) on Aggressive IPs

Use CrowdSec CTI API for Real-time Cyber Threat Intelligence

CrowdSec provides real-time, crowdsourced IP reputation intelligence that allows cyber security teams to obtain data on intrusion attempts, origins, and trends. The CrowdSec CTI API provides frictionless access to accurate cyber threat intelligence, enabling you to perform threat research on your log files in Gigasheet. The smoke dataset reflects most of the IPs reported by CrowdSec users.


Provider Website: https://www.crowdsec.net/
Provider Enrichment Docs: https://crowdsecurity.github.io/cti-api/#/default/get_smoke
Endpoint: https://cti.api.crowdsec.net/v2/smoke/185.7.214.104
Token / Registration Required: Yes

How To Enrich A Spreadsheet With CrowdSec CTI API:

For this example, my data contains a list of the top 10 most aggressive IPs detected by the CrowdSec community during the last 24 hours. These IPs are listed within the CrowdSec console and are updated in real time.

[Image: top 10 aggressive IPs from the CrowdSec console]

Step 1. In Gigasheet, head to the Enrichments function and select Custom Enrichment. First we paste in the HTTP request from the CrowdSec CTI API.

[Image: the CrowdSec CTI API request]

Step 2. On the next screen we’ll insert the column variable from our Gigasheet sheet for the prompt. In this case, we highlight the IP Address, “185.7.214.104”, in the input, and then select our IP Address column and click +Insert Column Reference. We also need to highlight the “YOUR_API_KEY” and paste our real key from CrowdSec. Then click Next.

[Image: customizing the CrowdSec CTI API request]
[Image: the CrowdSec CTI API request is now ready to execute]

Step 3. In this screen we see a preview of the results. Gigasheet makes requests for the first three rows and shows the CrowdSec API response. At this point select the fields you want to be inserted into your sheet. We recommend hitting Select All since you can easily delete columns in Gigasheet.

[Image: preview of the response from the CrowdSec CTI API]

Step 4. Finally, confirm the number of requests is to your liking, and when ready click Run to kick off the custom enrichment process. It’s OK to leave or close the sheet; the custom enrichment will keep running and you’ll receive an email once the job has been completed. You can monitor the progress of your enrichment, or cancel the job, at the top of the sheet.

[Image: confirming execution of the CrowdSec CTI API enrichment on the sheet]

Step 5. Once completed, new columns will be inserted into your sheet based on the CrowdSec CTI API. The IP Addresses have been enriched with information from CrowdSec’s smoke dataset, reflecting the IPs reported by CrowdSec users.

[Image: a sheet in Gigasheet enriched using the CrowdSec CTI API]

Here is a sample of the Threat Intelligence provided by CrowdSec for the malicious IP Addresses.

[Image: data from the CrowdSec CTI API]
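
The same per-row lookup done in code, as an added example that is not part of the original page and is not Gigasheet's or CrowdSec's own code: it validates each cell as an IP address before placing it in the endpoint URL, sends the key in the `x-api-key` header, and flattens the nested JSON response into columns. The response in `SAMPLE` is constructed and its field names are assumptions, as are the function names, the `fetch` hook and the `CROWDSEC_API_KEY` environment variable.

```python
import ipaddress
import json
import os
import urllib.request

SMOKE_URL = "https://cti.api.crowdsec.net/v2/smoke/{ip}"  # endpoint from the page

# Constructed sample response; field names are assumptions for illustration.
SAMPLE = json.dumps({
    "ip": "185.7.214.104",
    "as_name": "EXAMPLE-AS",
    "location": {"country": "ZZ"},
    "behaviors": [{"name": "http:scan"}],
    "scores": {"overall": {"aggressiveness": 4, "total": 3}},
}).encode()

def build_request(cell, api_key):
    """Build the lookup for one sheet cell; raises ValueError if it is not an IP."""
    ip = ipaddress.ip_address(cell.strip())  # rejects paths or queries hidden in a cell
    return urllib.request.Request(
        SMOKE_URL.format(ip=ip),
        headers={"x-api-key": api_key, "Accept": "application/json"},
    )

def flatten(obj, prefix=""):
    """Turn nested JSON into {"scores.overall.total": 3, ...} column pairs."""
    if isinstance(obj, dict):
        items = obj.items()
    elif isinstance(obj, list):
        items = enumerate(obj)
    else:
        return {prefix.rstrip("."): obj}
    cols = {}
    for key, value in items:
        cols.update(flatten(value, f"{prefix}{key}."))
    return cols

def enrich(cell, api_key, fetch=None):
    """Look up one IP; `fetch` (hypothetical hook) replaces the network call."""
    req = build_request(cell, api_key)
    if fetch is None:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return flatten(json.loads(resp.read()))
    return flatten(json.loads(fetch(req)))

if __name__ == "__main__":
    key = os.environ.get("CROWDSEC_API_KEY")  # assumed variable; keeps the key out of the file
    fetch = None if key else (lambda req: SAMPLE)  # offline fallback to the sample
    for col, val in enrich("185.7.214.104", key or "YOUR_API_KEY", fetch).items():
        print(f"{col}\t{val}")
```

Without `CROWDSEC_API_KEY` set, the script prints the flattened columns of the constructed sample instead of calling the API.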