maxamillion.devel.virustotal_info (0.0.1) — module

Query the VirusTotal (virustotal.com) API

Added in version 2.10 of maxamillion.devel

Authors: Adam Miller <admiller@redhat.com>

Install collection

Install with ansible-galaxy collection install maxamillion.devel:==0.0.1


Add to requirements.yml

  collections:
    - name: maxamillion.devel
      version: 0.0.1

Description

Run queries against virustotal.com.


Requirements

Usage examples

- name: Grab report from VirusTotal for Ansible.com
  debug:
    msg: "{{ lookup('maxamillion.devel.virustotal', api_key='xxxx', type='url', data='https://ansible.com') }}"

Inputs

    
data:
    description:
    - Data correlating to type.
    - When paired with C('url') type, this would be the actual URL to check.
    - When paired with C('file') type, this would be the path to the file to check.
    - When paired with C('ip') type, this would be the IP address to check.
    - When paired with C('domain') type, this would be the domain name to check.
    - When paired with C('hash') type, this would be the literal hash to check.
    required: true
    type: str

type:
    choices:
    - url
    - file
    - ip
    - domain
    - hash
    default: url
    description: type of query
    type: str

api_key:
    description: virustotal.com API KEY
    required: true
    type: str

timeout:
    default: 600
    description: amount of time to wait for virustotal.com to complete a report
    type: int

polling_interval:
    default: 60
    description: time to wait between polling attempts against current virustotal.com
      scan
    type: int

Outputs

info:
  description: response from Virus Total
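
An added example, not taken from the collection's documentation: a playbook that runs the lookup from the usage example with the hash type, reads the API key from the environment instead of hard-coding it, and lowers the timeout and polling_interval inputs. It assumes the lookup accepts timeout and polling_interval as keyword arguments in the same way as api_key, type and data; VT_API_KEY, vt_api_key, sample_hash and vt_report are names made up for this example.

```yaml
- name: Check a file hash against VirusTotal without hard-coding the API key
  hosts: localhost
  gather_facts: false
  vars:
    # Assumption: the key is exported as VT_API_KEY on the control node
    # (an Ansible Vault variable would serve the same purpose).
    vt_api_key: "{{ lookup('env', 'VT_API_KEY') }}"
    # Constructed sample value: the SHA-256 digest of empty input.
    sample_hash: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
  tasks:
    - name: Stop before any request is made if the key is missing
      assert:
        that:
          - vt_api_key | length > 0
        fail_msg: "VT_API_KEY is not set"
        quiet: true
      # no_log keeps this task's arguments and result out of console and log output.
      no_log: true

    - name: Query VirusTotal for the hash
      set_fact:
        # timeout and polling_interval are given in the same units as their
        # documented defaults (600 and 60); passing them as keyword arguments
        # is an assumption of this example.
        vt_report: "{{ lookup('maxamillion.devel.virustotal',
                              api_key=vt_api_key,
                              type='hash',
                              data=sample_hash,
                              timeout=120,
                              polling_interval=15) }}"
      no_log: true

    - name: Show the response from VirusTotal
      debug:
        var: vt_report
```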