Getting Data In
Highlighted

domaintools & Splunk ES Integration

Path Finder

Hello,

I see in the ES Guide @ http://docs.splunk.com/Documentation/ES/latest/Install/AdvancedThreatdashboards

that you can integrate with domaintools.com in order to identity any new domains showing up.

But when I go to domaintools.com to sign up for the free api, I think this has changed, and you can only buy now packages.

Has anyone tried it? is that correct? If so, is there another service that can be used?

Tags (3)
Highlighted

Re: domaintools & Splunk ES Integration

Splunk Employee
Splunk Employee

Hi I signed up for the FREE Trial on domaintools.
Yes, appears that the FREE is only for "Access is unlimited for reasonable levels of human, unscripted use, as defined in our Terms of Service." So looks like they need paid subscription for access to the API (scripted non-human access)

0 Karma
Highlighted

Re: domaintools & Splunk ES Integration

Path Finder

Hi everyone, Mark Kendrick here from DomainTools. Yes, we used to have a free developer API you could sign up for on the website. That's not available anymore, but we do give free trial access to our Whois API for customers considering our Enterprise offerings.

The same thing applies to our own Splunk app and add-on that you'll find in SplunkBase. Just reach out to us on our website or email MemberServices at DomainTools dot com, tell us you want to give the API a try inside Splunk, and we'll get you started.

0 Karma