Re: domaintools & Splunk ES Integration

dimitris_vergos · ‎09-28-2014

Hello,

I see in the ES Guide @ http://docs.splunk.com/Documentation/ES/latest/Install/AdvancedThreatdashboards

that you can integrate with domaintools.com in order to identity any new domains showing up.

But when I go to domaintools.com to sign up for the free api, I think this has changed, and you can only buy now packages.

Has anyone tried it? is that correct? If so, is there another service that can be used?

markkendrick · ‎06-29-2016

Hi everyone, Mark Kendrick here from DomainTools. Yes, we used to have a free developer API you could sign up for on the website. That's not available anymore, but we do give free trial access to our Whois API for customers considering our Enterprise offerings.

The same thing applies to our own Splunk app and add-on that you'll find in SplunkBase. Just reach out to us on our website or email MemberServices at DomainTools dot com, tell us you want to give the API a try inside Splunk, and we'll get you started.

mcronkrite · ‎09-29-2014

Hi I signed up for the FREE Trial on domaintools.
Yes, appears that the FREE is only for "Access is unlimited for reasonable levels of human, unscripted use, as defined in our Terms of Service." So looks like they need paid subscription for access to the API (scripted non-human access)

domaintools & Splunk ES Integration

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Join the Conversation