Did some research and found out that automating VirusTotal lookups is restricted to 4 lookups per minute. Both via VirusTotal Checker's method of appending hashes o a virustotal.com search URL, and via the VT Public API 2.0 access.
https://www.virustotal.com/en/documentation/public-api/#getting-ip-reports
Explains why in the screenshots he limited the search to 10 events "head 10". Which by the way, successfully works and retrieves VT results only after I go to VirusTotal.com and do the CAPTCHA.
... View more
More than likely due to VirusTotal's CAPTCHA. I was getting this error as well, then did a manual MD5 hash search on VirusTotal.com, proved I was not a robot with CAPTCHA, reran the VT Splunk search and got past the Socket Timeout error.
If VirusTotal Checker could implement API access to VirusTotal, that would be great..MmmK..Thanks!
😉
... View more