Skip to content

asp-artifact-investigation

asp-artifact-investigation is an Artifact- or IOC-centered investigation workflow skill. Use it to enrich context, assess risk, and choose pivot directions.

Invocation

text
/asp-artifact-investigation

It combines capabilities such as asp-artifact, asp-threat-intelligence, asp-cmdb, asp-siem-search, asp-case, and asp-alert.

Common Examples

text
/asp-artifact-investigation investigate the risk and related cases for 1.2.3.4
text
/asp-artifact-investigation check whether artifact_000001 belongs to an internal asset
text
/asp-artifact-investigation suggest next pivots around this hash

Common CLI commands:

powershell
asp artifact list --type "IP Address" --output json
asp ti query 1.2.3.4 --artifact-type "IP Address" --output json
asp cmdb lookup "IP Address" 1.2.3.4 --output json