[IntelMQ-dev] An output bot for Request Tracker's RT::IR

[Sebastian Wagner]

Dear Mika,

On 1/13/21 8:24 AM, Mika Silander wrote:
>  We recently decided to try IntelMQ with the intent to have it push security events into a Request Tracker (RT) instance. The events would thus be managed as RT::IR tickets within RT. We didn't manage to make the Request Tracker output bot working and we are not entirely sure whether it is because we have just missed something in its configuration or whether it has some other problem. Thus, what is the current status of this bot? Is it still usable with RT versions 4.x and 5.0.x ?
Is has recently been added, so it's not outdated if you mean that. I'm
sure that Marius, the author of said bot, can help, but you'd need to
provide some more information on the issues you are experiencing. If
there's anything we can improve - in the bot's code as well as in its
documentation - I'm happy about pull requests =)
> Ideally, we'd like to have/create an RT + RT::IR output bot that uses the newer RT REST API 2.0. If there's anyone with similar endeavours, I'd be happy to hear from you.

There's an ongoing discussion in the python-rt library project on a
REST2 API support: https://github.com/CZ-NIC/python-rt/issues/34 I don't
know if anyone is actively working on it, but keep in mind, that the
REST2 API does not (yet?) offer the same possibilities like the REST 1
API and has some issues - see the linked discussion.

best regards,
Sebastian

-- 
// Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - https://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20210113/e7a3d186/attachment-0001.sig>