[IntelMQ-users] MISP & Integrate intelmq

Sebastian Wagner wagner at cert.at
Wed Apr 7 20:27:16 CEST 2021


Hi,

You can either use MISP feeds or the MISP API.

A MISP feed is a directory structure with event data as files. The
directory then needs to be configured in MISP as a source (several
parameters can be used to tweak the import). This is the more MISP-native
way.
Documentation on the MISP feed output bot can be found here:
https://intelmq.readthedocs.io/en/maintenance/user/bots.html#misp-feed

Otherwise you can push events directly into MISP using the API.
Documentation on the MISP API output bot can be found here:
https://intelmq.readthedocs.io/en/maintenance/user/bots.html?highlight=misp#misp-api

We are able to help if you are more precise in what you need.

Sebastian

On 4/7/21 12:41 PM, Soni, Drupad via IntelMQ-users wrote:
> Hi Bernhard,
>
> I want to push feeds from Intelmq to MISP using o/p bot MISP feed/API. Please guide.
>
> Regards,
> Drupad Soni
> KPMG – Cyber Security
> Embassy Golf Links Business Park, Pebble Beach, 'B' Block, 
> 1st & 2nd Floor, Off Intermediate Ring Road 
> Mobile : +91 8140283894
>
> -----Original Message-----
> From: IntelMQ-users <intelmq-users-bounces at lists.cert.at> On Behalf Of Bernhard Reiter
> Sent: Wednesday, April 7, 2021 1:38 PM
> To: intelmq-users at lists.cert.at
> Subject: [IntelMQ-users] MISP & Integrate intelmq
>
> Hi Drupad,
>
> On Wednesday 07 April 2021 06:24:12, Soni, Drupad via IntelMQ-users wrote:
>> We want to integrate Intelmq with MISP using feeds/API. Please guide 
>> us through; we went through the documentation of the output bots. We are unable 
>> to figure out a way through.
> MISP and IntelMQ have different approaches (manual versus automatic) and can be used in many ways. For anyone to help you with suggestions, you need to describe your use cases in more detail.
>
> Another way would be to seek out a consultant that helps you to narrow down the usages for you.
>
> Best Regards,
> Bernhard
> --
> www.intevation.de/~bernhard   +49 541 33 508 3-3 Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998; Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

-- 
// Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// An initiative of nic.at GmbH - https://www.nic.at/
// Company register number 172568b, LG Salzburg

