Graph API Version

Submitting Connections Between Data

ThreatExchange supports creating connections (aka edges) between ThreatIndicator objects to express relationships. Examples of when this can be useful are for describing URL re-direct chains or domain to IP address relationships. Connections are created via an HTTP POST request to the /related URI for a specific object:<object_id>/related

In the example below we will create a connection between between the domain object (788497497903212) and the IP address object (1061383593887032), which can resolve to via DNS.


Data returned:

  "success": true

NOTE: Currently, this is not supported for Malware or MalwareFamily objects, but will be in the near future.