gists/config/visidata/showcase_ioc.tsv at ce55928b1ebd6fdbeb76f84613dd359ba71c6e37

irt/gists

Files

tobias 250999b0c6 visidata: add replayable IOC showcase and usage docs

Provide a sample dataset and cmdlog that exercise typed IOC enrichment while keeping heavy lookups scoped for practical throttled runs, and document how to run it.

2026-02-21 23:20:42 +01:00

970 B

Raw Blame History

1	event_id	src_ip	dst_ip	network	domain	url	file_hash	constant
2	evt-001	8.8.8.8	192.168.1.10	8.8.8.0/24	google.com	https://www.google.com/search?q=visidata	44D88612FEA8A8F36DE82E1278ABB02F	KEEP
3	evt-002	1.1.1.1	10.0.5.9	10.0.0.0/8	cloudflare.com	example.org/download?id=1	3395856CE81F2B7382DEE72602F798B642F14140	KEEP
4	evt-003	2606:4700:4700::1111	172.16.0.5	2606:4700:4700::/48	example.net	http://sub.example.net/path#frag	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855	KEEP
5	evt-004	192.0.2.15	203.0.113.5	192.0.2.0/24	openai.com	openai.com/research	D41D8CD98F00B204E9800998ECF8427E	KEEP
6	evt-005	bad-ip	203.0.113.250	203.0.113.0/24	test.example	https://test.example:8443/login?id=7	A94A8FE5CCB19BA61C4C0873D391E987982FBBD3	KEEP
7	evt-006	2001:db8::1234	fe80::1	2001:db8::/32	WWW.GitHub.COM.	http://[2001:db8::1]/admin	notahash	KEEP
8	evt-007	8.8.8.8	198.51.100.9	8.8.0.0/16	google.com	https://google.com/	44D88612FEA8A8F36DE82E1278ABB02F	KEEP

970 B Raw Blame History

970 B

Raw Blame History