Admin Guide

Synapse-Intezer-Analyze Admin Guide

Configuration

Synapse-Intezer-Analyze requires a Intezer-Analyze API key. For information on how to sign up, please visit the Intezer-Analyze API documentation.

Setting API key for global use

To set-up a global API key:

> intezer.analyze.setup.apikey myapikey
Setting Intezer-Analyze API key for all users.

Using per-user API keys

A user may set-up their own API key:

> intezer.analyze.setup.apikey --self myapikey
Setting Intezer-Analyze API key for the current user.

Permissions

Package (synapse-intezer-analyze) defines the following permissions:
power-ups.intezer-analyze.user   : Controls user access to Synapse-Intezer-Analyze. ( default: false )
power-ups.intezer-analyze.submit : Used in addition to power-ups.intezer-analyze.user to allow users to submit files for analysis. ( default: false )

You may add rules to users/roles directly from storm:

> auth.user.addrule visi power-ups.intezer.analyze.user
Added rule power-ups.intezer.analyze.user to user visi.

or:

> auth.role.addrule ninjas power-ups.intezer.analyze.user
Added rule power-ups.intezer.analyze.user to role ninjas.

Exported APIs

Synapse-Intezer-Analyze does not currently export any APIs.

Node Actions

Synapse-Intezer-Analyze provides the following node actions in Optic:

Name : enrich
Desc : Query Intezer Analyze for existing analysis results for a file.
Forms: file:bytes, hash:md5, hash:sha1, hash:sha256

Name : submit
Desc : Submit a file for analysis to the Intezer Analyze API.
Forms: file:bytes, hash:sha256

Name : submit.byhash
Desc : Submit the hash of a file for analysis to the Intezer Analyze API.
Forms: file:bytes, hash:sha256, hash:sha1, hash:md5

Onload Events

Synapse-Intezer-Analyze does not use any onload events,