Running request with ktl

Running request with ktl_lookup utility

This section explains how to investigate objects using the ktl_lookup utility.

Python 3.5.3 or a later version must be installed on the computer that you will use to work with Kaspersky Threat Intelligence Portal API.

To run the ktl_lookup utility in Windows,

Type the following string at the command prompt:

python.exe <path>\ktl_lookup --user=<user name> --pass=<password> [--recordsCount=<count>] --url|--domain|--ip|--hash=<value> [--sections=<sections names>]

To run the ktl_lookup utility in Linux®,

Execute the following command:

./<path>/ktl_lookup --user=<user name> --pass=<password> [--recordsCount=<count>] --url|--domain|--ip|--hash=<value> [--sections=<sections names>]

You can investigate only one object at a time.

Keys	Description
`--user=<user name>` `-u <user name>`	Your user name received from your dedicated Kaspersky Technical Account Manager.
`--password=<password>` `-p <password>`	Your password received from your dedicated Kaspersky Technical Account Manager.
`--recordsCount=<count>` `-c <count>`	Optional key. Maximum number of records to display. If this key is not specified, the ktl_lookup utility displays all available results.
`--hash=<value>`	Hash that you want to investigate.
`--ip=<value>`	IP address that you want to investigate.
`--domain=<value>`	Domain that you want to investigate.
`--url=<value>`	Web address that you want to investigate.
`--sections=<sections names>`	Optional key. Names of specific sections for the objects that you want to investigate.

If you want an IP address to be processed as a web address, add the http:// or https:// prefix to the IP address in your request. For example, 104.132.161.0 is processed as an IP address, and http://104.132.161.0 is processed as a web address.

Responses

Click the links below for information about possible responses.

Expand all | Collapse all

200 OK

401 Unauthorized

451 Unavailable For Legal Reasons

Page top