AbuseIPDB

Connect Sola and AbuseIPDB to investigate suspicious IP addresses

Overview

The AbuseIPDB integration brings IP reputation data directly into Sola AI, enabling security teams to enrich investigations with real-world abuse reports, confidence scores, and blacklist data.

With the AbuseIPDB integration, you can:

Check IP addresses for abuse confidence scores, country, ISP, and report history during active investigations.
Report malicious IP addresses with relevant abuse categories directly from Sola.
Query the AbuseIPDB blacklist to surface high-confidence malicious IPs based on your specific criteria.

Sola can only perform the actions you approve.

Connectors require explicit permission to access or act on external systems. Permissions are securely managed at the workspace, app, and chat level to ensure control at every step.

Set up AbuseIPDB connector integration with Sola

Go to Integrations > Connectors > click New connector > select AbuseIPDB.

The Sola wizard will take you through the steps.

Set up AbuseIPDB ->

Connect AbuseIPDB to Sola

To connect AbuseIPDB, you'll need an AbuseIPDB account and an API key.

This method uses an AbuseIPDB API token to grant Sola access to your AbuseIPDB account.

How do I set up an AbuseIPDB connector using an API key?

To connect, you'll need an AbuseIPDB account.

Create your API key
- In your AbuseIPDB account, go to My API and select Keys.
- Enter a name for your key (e.g. "Sola Integration") and click Create.
- Copy the generated API key.
Paste the API key in the Sola wizard.
Click Test Connection to validate the details and continue.

Available actions with the AbuseIPDB connector

Check IP address - Query the abuse confidence score, country, ISP, and report history for a given IP address.
Report IP address - Submit an abuse report for a suspicious IP address with one or more abuse categories.
Get blacklist - Query the AbuseIPDB blacklist for IP addresses reported for abuse, filtered by confidence score or report count.

Example prompts

During investigations, you can use the AbuseIPDB connector to:

Check the reputation of <IP address> using AbuseIPDB

Is <IP address> malicious? Check it on AbuseIPDB

Get the AbuseIPDB blacklist of the top 10 most reported IPs with a confidence score above 95%

Report <IP address> to AbuseIPDB for SSH brute force attempts

Check <IP address> on AbuseIPDB and tell me if it's safe to allow traffic from it

PreviousJira NextShodan

Last updated 12 days ago

Was this helpful?