Forum Discussion
RW_THX1138
Jun 24, 2022Copper Contributor
Azure-Sentinel/Playbooks/Get-GeoFromIpAndTagIncident
Hi
I am really scratching my head with this one, I want to use the Get-GeoFromIpAndTagIncident playbook which is available on GitHub from the Community page in Sentinel. I've set up the playbook but when I run it I get a failure with the message 'SSL unavailable for this endpoint, order a key at https://members.ip.api.com/' , I'm positive there's a way to circumvent this but I am drawing a blank as to where?
- mikhailfSteel Contributor
Hello RW_THX1138 ,
Try to open the IP-API on your Azure Portal, go to Overview -> Edit. Scroll down and you will see "Scheme" is set to HTTPS. Change it to HTTP and check if it works.
OR
You should have an account on https://ip-api.com/ and probably from there create an API key to use it in your connection.
Check the HTTP and update.
- Rich_WatsonCopper ContributorThanks mikhailf, so I ended up starting again from scratch as couldn't find the how to edit IP-API, found that the issue was the custom connector which I hadn't downloaded but when I did download I found that I needed to edit it to change it from HTTPS to HTTP and hey presto it's now all working, couldn't have got to that stage without your steer though so thanks for that.
- zubairrahimsocCopper ContributorHi Rich_Watson, please share if you found out the solution.