Recorded Future Alerts API

These 2 Playbooks will query the Recorded Future API for any alerts for the specified timed period from the "Timer" in the RF Alerts Query Playbook. The secondary Playbook (RF Incident Create) will then create incidents from the Recorded Future API.

Documentation for “RF Alerts Incident Create” Playbook

Triggers

  • CVE
  • Task

Variables Declared in the Playbook

The following variables are declared in this playbook:

  • RF: Recorded Future Alert
  • XRFToken: your_api_key_here

Documentation for “RF Alerts Query” Playbook

Triggers

  • Timer

Variables Declared in the Playbook

The following variables are declared in this playbook:

  • XRFToken: your_API_TOKEN_HERE