openapi: "3.0.0" info: title: GreyNoise Enterprise API description: GreyNoise Enterprise API for IP noise analysis version: "2.0" servers: - url: https://api.greynoise.io paths: /v2/noise/context/{ip}: get: operationId: Look up IP context summary: Look up IP context from Greynoise database. description: | This endpoint allows you to check an IP context against the GreyNoise database. #ExamplePrompts Tell me about Ip address "118.25.6.39" using GreyNoise database #ExamplePrompts Find the GreyNoise IP Context for IP 183.221.243.13 parameters: - name: ip in: path required: true schema: type: string description: The IP address to get context for. responses: "200": description: OK content: application/json: {} "400": description: "400 response" content: application/json: {} /v2/noise/quick/{ip}: get: operationId: Look up IP quick summary: Check if an IP is "noise" or not. description: | This endpoint provides a quick way to check if an IP is "noise" or not. #ExamplePrompts Use GreyNoise to do a quick check of IP 183.221.243.13 #ExamplePrompts Find the GreyNoise for IP 183.221.243.13 using a quick lookup parameters: - name: ip in: path required: true schema: type: string description: The IP address to check. responses: "200": description: OK content: application/json: {} "400": description: "400 response" content: application/json: {} /v2/noise/multi/quick: post: operationId: Look up multiple IPs summary: Look up IP addresses in bulk. description: | This endpoint allows you to quickly lookup data on IPs in bulk #ExamplePrompts Lookup Multiple IPs using GreyNoise 183.221.243.13 and 8.8.8.8 #ExamplePrompts I want to know about multiple IPs using GreyNoise. The IP addresses are 183.221.243.13 and 8.8.8.8. requestBody: content: application/json: schema: type: object properties: ips: type: string items: type: string description: List of IP addresses to look up. i.e. ["1.2.3.4", "5.6.7.8", "8.8.8.8", "123.123.123.123"] required: - ips responses: "200": description: OK content: application/json: {} "400": description: "400 response" content: application/json: {} /v2/riot/{ip}: get: operationId: Look up IP riot summary: Look up commonly whitelisted IPs. description: | This endpoint provides information about commonly whitelisted IPs. #ExamplePrompts Use GreyNoise to check the Riot information on IP 183.221.243.13 #ExamplePrompts I want to know the GreyNoise riot information on IP 8.8.8.8 parameters: - name: ip in: path required: true schema: type: string description: The IP address to get information for. responses: "200": description: OK content: application/json: {} "400": description: "400 response" content: application/json: {} /v2/experimental/gnql: get: operationId: Look up GNQL summary: Use the GreyNoise Query Language (GNQL) to query against the GreyNoise dataset. description: | This endpoint allows you to use the GreyNoise Query Language (GNQL) to make complex queries against the GreyNoise dataset. #ExamplePrompts Use GreyNoise to check the GNQL information on tags:"RDP Scanner" #ExamplePrompts Query GNQL for tags:"RDP Scanner" #ExamplePrompts Search for all IPs scanning sensors located in Germany with GNQL GreyNoise Enterprise destination_country:"Germany" parameters: - name: query in: query required: true schema: type: string description: The GNQL query to execute. responses: "200": description: OK content: application/json: {} "400": description: "400 response" content: application/json: {} /v2/experimental/gnql/stats: get: operationId: Look up CVE stats summary: Use the GreyNoise Query Language (GNQL) stats to query against the GreyNoise dataset for CVE information. description: | This endpoint allows you to use the GreyNoise Query Language (GNQL) stats endpoint to query for CVE stats information #ExamplePrompts Use GreyNoise to check stats on CVE-2017-17215 #ExamplePrompts What does GreyNoise know about CVE-2017-17215 parameters: - name: query in: query required: true schema: type: string description: The CVE. responses: "200": description: OK content: application/json: {} "400": description: "400 response" content: application/json: {}