Introduction to Utility Commands
LAST UPDATED: FEB 10, 2025
Utility commands are directives that perform operations at various levels of abstraction and scope. They can be executed within automation workflows or as standalone actions, and are—similar to integration commands—either built-in or user-defined. Both built-in and user-defined commands may be of Python or Codeless Playbook implementation.
-20250117-033025.png?inst-v=50beb7fd-144a-421c-a137-9f1549fb3a3f)
Diverse functionalities of utility commands include converting JSON arrays into HTML tables for structured data presentation, creating incidents for correlation, updating incident fields for investigation and record-keeping, sending system emails, and linking extracted IOCs to incidents for downstream threat intelligence workflows.
Learning More About Utility Commands
D3 offers hundreds of utility commands, with ongoing development adding new ones.
Browse through utility command documentations here →
Learn to build your first custom utility command here →
Anatomy of the Utility Command Module
Search Page

Operations Console
-20250117-003042.png?inst-v=50beb7fd-144a-421c-a137-9f1549fb3a3f)