Get Account
Read current account metadata and settings.
Curl Example
$ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account
Response
{ "username": "sim.gretina@example.org", "firstName": "Sim", "lastName": "Gretina", "fullName": "Sim Gretina", "organization": "gretina_org" "firstActive": "2016-12-02", "lastActive": "2017-04-10", "verified": "True", "suppliedOrganization": "gretina_org", "jobRole": "Other", "enterpriseUser": "True", "country": "united_states", "phoneNumber": "555 415 4155", "stateOrRegion": "california", "accountStatus": "enterprise", "user_id": "80f5a4f51a303ab4461731a67cde18e552b9d76961467f2a98a0f6974", "user_hash": "c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714", "event_code": null, "approvedSources": "alienvault, crawl, emerging_threats, farsight", "projectPrivateQuotaExceeded": false, "searchWebQuotaExceeded": false, "searchApiQuotaExceeded": false, "projectPublicQuotaExceeded": false, "admin": false, "ssoIntegrationId": null, "ssoAuthPartnerId": null, "ssoSuccess": true, "features": { "two_factor_enabled": true, "analyst_insights": false, "analyst_projects": false, "async_heatmap": true, "tab_update": true, "exposed_services": false, "data_table_improvement": true, "project_selector_v2": true, "whois_history": false, "server_side_facets": true, "projects_tabs": true, "projects_share": true, "data_table_paginated": true }, "guest": false, "roles": [ "user" ], "monitorFrequency": "weekly", "workspaceId": null, "permissions": [] }
Get History
Read API usage history of the account.
Curl Example
# Retrieve account history $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/history # filter by source $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/history?source=api # filter by focus $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/history?focus=riskiq.com # filter by dt $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/history?dt=2020-04-27
Response
{ "history": [ { "focus": "example.org", "dt": "2017-03-06 17:12:16", "context": "", "guid": null, "username": "sim.gretina@example.org", "source": "api", "type": "search" }, { "focus": "simgretina.example.org", "dt": "2017-03-06 17:38:41", "context": "", "guid": null, "username": "sim.gretina@example.org", "source": "api", "type": "search" } ] }
Get Monitors
Get active monitors
Curl Example
$ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/monitors
Response
{ "monitors": [ { "tags": [ "caravan", "registered" ], "focus": "example.org" }, { "tags": [ "google", "routable", "dns" ], "focus": "8.8.8.8" } ] }
Get Organization
Read current organization metadata
Curl Example
$ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/organization
Response
{ "licenses": { "enterprise": 150 }, "licensedMembers": { "enterprise": [ "sim.gretina@example.org", "jamie.berry@example.org", "caravan.palace@example.org" ] } "searchQuota": 9999, "watchQuota": 368, "active": true, "id": "gretina_org", "registered": "2015-09-21 19:43:49", "status": "enterprise", "name": "gretina_org", "acceptableDomains": [ "example.org" ], "inactiveMembers": [], "admins": [ "sim.gretina@example.org" ], "lastActive": "2016-11-21 17:31:38", "seats": null, "features": null, "showTeamSearchHistory": null, "defaultDomains": null, "disabledMembers": null, "usersNotSignedUpYet": null, "hasFalconCreds": false, "sources": null }
Get Quotas
Read current account and organization quotas.
Curl Example
$ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/quota
Response
{ "organization": { "counts": { "basic_monitors": 0, "keyword_monitors": 0, "projects_private": 0, "projects_public": 0 }, "licenseCounts": { "enterprise": { "searchApi": 0, "searchWeb": 0 } }, "freebies": { "search_api": 0, "search_web": 0 }, "guid": "00000000-0000-0000-0000-000000000000", "last_reset": "0000-00-00 00:00:00", "limits": { "basic_monitors": 100, "monitor_results": 1, "projects_private": 1, "monitor_frequency": "weekly", "keyword_monitors": 1, "projects_public": 1000, "create_crawls": 0, "crawl_submissions": 0 }, "licenseLimits": { "enterprise": { "searchApi": 15, "searchWeb": 200 } }, "next_reset": "0000-00-00 00:00:00", "organization": "riskiq", "owner": "riskiq", "profile": { "analysis": "free", "workflow": "free" }, "username": null }, "user": { "counts": { "basic_monitors": 0, "keyword_monitors": 0, "projects_private": 0, "projects_public": 0 }, "licenseCounts": { "searchApi": 0, "searchWeb": 0 }, "freebies": { "search_api": 0, "search_web": 0 }, "guid": "00000000-0000-0000-0000-000000000000", "last_reset": "0000-00-00 00:00:00", "limits": { "basic_monitors": 100, "monitor_results": 1, "projects_private": 1, "monitor_frequency": "weekly", "keyword_monitors": 1, "projects_public": 1000, "create_crawls": 0, "crawl_submissions": 0 }, "licenseLimits": { "searchApi": 15, "searchWeb": 200 }, "next_reset": "0000-00-00 00:00:00", "organization": "riskiq", "owner": "username@example.com", "profile": { "analysis": "small", "workflow": "small" }, "quotas": { "account_type": "enterprise" }, "username": "username@example.com" } }
Get Sources
Check sources being used for queries.
Curl Example
# get all sources $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/sources # get virustotal source as url parameter $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/sources?source=virustotal
Response
{ "sources": [ { "authRequired": false, "authMethod": { "apiKey": "" }, "active": true, "website": "https://www.alienvault.com", "auth": true, "description": "Alienvault provides free access to their passive DNS and OTX platform for registered users.", "source": "alienvault", "label": "Alienvault", "configuration": {}, "controllable": true, "type": [ "pdns" ], "access": [ "free", "commercial" ], "org_configuration": null }, ... { "authRequired": false, "authMethod": { "apiKey": "" }, "active": true, "website": "https://www.virustotal.com/", "auth": true, "description": "", "source": "virustotal", "label": "Virustotal", "configuration": {}, "controllable": true, "type": [ "pdns" ], "access": [ "free", "commercial" ], "org_configuration": null } ] }
Get Teamstream
Read team activity.
Curl Example
# Retrieve all history (might take a while) $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/organization/teamstream # filter by focus $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/organization/teamstream?focus=example.org
Response
{ "teamstream": [ { "focus": "example.org", "dt": "2016-08-24 18:40:06", "context": 3075, "guid": null, "username": "caravan.palace@example.org", "additional": {}, "source": "web", "type": "search" }, ... { "focus": "electro.example.org", "dt": "2016-08-24 18:40:06", "context": 3075, "guid": null, "username": "jamie.berry@example.org", "additional": {}, "source": "web", "type": "search" } ] }
Get items with the specified classification
Retrieve items with the specified classification.
Curl Example
# Retrieve all classification $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/classifications # filter by classification $ curl -u $USERNAME:$KEY https://api.riskiq.net/pt/v2/account/classifications?classification=malicious
Response
{ "malicious": [], "non_malicious": [ "109.230.11.40" ], "suspicious": [] }