Skip to main content
Sign in

Creating workflows for Shodan assets

  • April 17, 2024 08:18
  • Updated

Let Oomnitza be your single source of truth!

You'll get visibility of your assets as data from Shodan is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and Shodan in minutes

Get the information and insights that you need by creating a configurable workflow that fetches the entire host entity by IP address and returns the most recent Shodan view of the host and its services.

Before you start

Before you can create the integration with Oomnitza, you need to have added your Shodan credentials to Oomnitza

Creating workflows

Create asset workflows

To create an asset workflow, you must complete these steps:  

  1. Click Configuration > Workflows 
  2. Click Add (+) and select Assets from the list.
  3. Edit the Begin Block and add rules to trigger the workflow. 
    1. If you set the  Actions to New, the workflow will run for every new asset record added to Oomnitza. Alternatively, set the Actions to Schedule so that it only runs at a specific time or when manually triggered.
    2. Add Rule criteria. For example, you can add a rule so that the workflow only runs if a field has been updated or is empty.
  4. Drag and drop the API block onto the Sandbox.
  5. Click Edit on the API block and enter Shodan in the search field. 
  6. Select the Shodan Get Host Details with IPV4 Address preset. To choose a preset, click the forward arrow (>).
  7. Select the credentials that you created in the previous step.
  8. Click Advanced Mode.
  9. The IP address is required to fetch the host details and is referenced in the Information tab in the property{{ip_address}}.
  10. Select the Response tab. You can map the entire response by placing {{response}} in the Response field and mapping it to a custom long text Oomnitza field, such as API Response. However, since the response can be over 1,000 characters, it may not be possible to map it to a single field. Instead, you can parse the JSON response values to custom Oomnitza fields, as per the image below.
  11. Connect the Blocks. 
  12. Save, validate, and activate your workflow.

Shodan_API_Response.PNG

You can find out more about what is returned in the Shodan Get Host Details with IPV4 Address response by consulting Shodan API Documentation GET /shodan/host/{ip}.

articles_icon.svg Reference articles for workflows

Comments

0 comments

Please sign in to leave a comment.