Stay organized with collections
Save and categorize content based on your preferences.
IPVoid
Integration version: 9.0
Configure IPVoid to work with Google Security Operations
API
For configuring IPVoid to work with Google SecOps, the process is the
same as for APIVoid.
To obtain your personal API Key, please sign in to your APIVoid
account.
Click on the one of the two My API Keys buttons to get to the page where
is your API Key stored.
Once you get to the page with relevant key, click the copy button to
copy your key to the clipboard, which will be later used in this integration
configuration with Google SecOps.
Network
Function
Default Port
Direction
Protocol
API
Multivalues
Outbound
apikey
Configure IPVoid integration in Google SecOps
For detailed instructions on how to configure an integration in
Google SecOps, see Configure
integrations.
Actions
Get IP Reputation
Description
Search for an IP address through different DNS-based blacklists (DNSBL) and the
reputation services to promote the IP address identification for malware
incidents and spamming.
Parameters
Parameters
Type
Default Value
Description
Threshold
String
N/A
IP risk threshold.
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
Enrichment Field Name
Logic-When to apply
information
Returns if it exists in JSON result
blacklists
Returns if it exists in JSON result
anonymity
Returns if it exists in JSON result
IP
Returns if it exists in JSON result
Insights
N/A
Script Result
Script Result Name
Value Options
Example
successThreshold
True/False
successThreshold:False
JSON Result
[{"EntityResult":{"information":{"is_proxy":false,"is_vpn":false,"region_name":"Zhejiang","is_webproxy":false,"latitude":28.680280685424805,"isp":"ChinaNet Zhejiang Province Network","continent_code":"AS","is_tor":false,"reverse_dns":"","detections":18,"engines_count":76,"longitude":121.44277954101562,"city_name":"Jiaojiang","country_name":"China","continent_name":"Asia","detection_rate":"24%","country_code":"CN","is_hosting":false},"blacklists":{"scantime":"0.57","detection_rate":"24%","detections":18,"engines_count":76,"engines":[{"engine":"PlonkatronixBL","detected":false,"reference":"http://bl.plonkatronix.com/"},{"engine":"Peter-s NUUG IP BL","detected":true,"reference":"https://home.nuug.no/~peter/"},{"engine":"Malc0de","detected":false,"reference":"http://malc0de.com/database/index.php"}]},"anonymity":{"is_tor":false,"is_proxy":false,"is_vpn":false,"is_webproxy":false,"is_hosting":false},"ip":"1.1.1.1"},"Entity":"1.1.1.1"}]
Ping
Description
Test Connectivity.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
Script Result Name
Value Options
Example
is_success
True/False
is_success:False
JSON Result
N/A
WhoIs
Description
Query the Whois database to find information on a given domain name or an IP
address.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-09 UTC."],[[["\u003cp\u003eIPVoid integrates with Google Security Operations SOAR using the same process as APIVoid, requiring an API key obtained from your APIVoid account.\u003c/p\u003e\n"],["\u003cp\u003eThe primary function of the IPVoid integration is to search for an IP address through DNS-based blacklists and reputation services to identify malware and spamming incidents.\u003c/p\u003e\n"],["\u003cp\u003eThe integration offers actions such as "Get IP Reputation," which provides entity enrichment with information on blacklists, anonymity, and general IP details, returned as JSON results.\u003c/p\u003e\n"],["\u003cp\u003eOther available actions include "Ping" to test connectivity, and "WhoIs" to query database information on IPs and hostnames, with both returning a success indicator in the script result.\u003c/p\u003e\n"],["\u003cp\u003eNetwork configuration requires outbound access via the "apikey" protocol, and more help is available from the provided Google SecOps community forum link.\u003c/p\u003e\n"]]],[],null,["# IPVoid\n======\n\nIntegration version: 9.0\n\nConfigure IPVoid to work with Google Security Operations\n--------------------------------------------------------\n\n### API\n\nFor configuring IPVoid to work with Google SecOps, the process is the\nsame as for APIVoid.\n\n1. To obtain your personal API Key, please sign in to your [APIVoid\n account](https://app.apivoid.com/login/).\n\n2. Click on the one of the two **My API Keys** buttons to get to the page where\n is your API Key stored.\n\n3. Once you get to the page with relevant key, click the **copy** button to\n copy your key to the clipboard, which will be later used in this integration\n configuration with Google SecOps.\n\n### Network\n\nConfigure IPVoid integration in Google SecOps\n---------------------------------------------\n\nFor detailed instructions on how to configure an integration in\nGoogle SecOps, see [Configure\nintegrations](/chronicle/docs/soar/respond/integrations-setup/configure-integrations).\n\nActions\n-------\n\n### Get IP Reputation\n\n#### Description\n\nSearch for an IP address through different DNS-based blacklists (DNSBL) and the\nreputation services to promote the IP address identification for malware\nincidents and spamming.\n\n#### Parameters\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the IP Address entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n [{\n \"EntityResult\":\n {\n \"information\":\n {\n \"is_proxy\": false,\n \"is_vpn\": false,\n \"region_name\": \"Zhejiang\",\n \"is_webproxy\": false,\n \"latitude\": 28.680280685424805,\n \"isp\": \"ChinaNet Zhejiang Province Network\",\n \"continent_code\": \"AS\",\n \"is_tor\": false,\n \"reverse_dns\": \"\",\n \"detections\": 18,\n \"engines_count\": 76,\n \"longitude\": 121.44277954101562,\n \"city_name\": \"Jiaojiang\",\n \"country_name\": \"China\",\n \"continent_name\": \"Asia\",\n \"detection_rate\": \"24%\",\n \"country_code\": \"CN\",\n \"is_hosting\": false\n },\n \"blacklists\":\n {\n \"scantime\": \"0.57\",\n \"detection_rate\": \"24%\",\n \"detections\": 18,\n \"engines_count\": 76,\n \"engines\":\n [{\n \"engine\": \"PlonkatronixBL\",\n \"detected\": false,\n \"reference\": \"http://bl.plonkatronix.com/\"\n },\n {\n \"engine\": \"Peter-s NUUG IP BL\",\n \"detected\": true,\n \"reference\": \"https://home.nuug.no/~peter/\"\n },\n {\n \"engine\": \"Malc0de\",\n \"detected\": false,\n \"reference\": \"http://malc0de.com/database/index.php\"\n }]\n },\n \"anonymity\":\n {\n \"is_tor\": false,\n \"is_proxy\": false,\n \"is_vpn\": false,\n \"is_webproxy\": false,\n \"is_hosting\": false\n },\n \"ip\": \"1.1.1.1\"\n },\n \"Entity\": \"1.1.1.1\"\n }]\n\n### Ping\n\n#### Description\n\nTest Connectivity.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on all entities.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### WhoIs\n\n#### Description\n\nQuery the Whois database to find information on a given domain name or an IP\naddress.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the following entities:\n\n- IP Address\n- Hostname\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
