[IntelMQ-users] [IntelMQ] Question about harmonization.conf
Sebix
sebix at sebix.at
Fri Dec 17 16:19:09 CET 2021
Dear Jonathan, dear Mika,
On 12/17/21 1:12 PM, Jonathan SCOUPREMAN via IntelMQ-users wrote:
> Could you please tell me the difference? Unfortunately, I was not able
to find hints in the current documentation.
Yeah, that part is missing in the docs, it was only part of (my)
presentations/workshops. Needless to say: PRs for the Docs and other
contributions are always welcome :)
> Also, as I see «report», does that mean IntelMQ has a reporting
capability ? As far as I know IntelMQ doesn’t provide a reporting
capability, hence my doubt. 😊
Depends very much on your understand of reporting.
On 12/17/21 3:17 PM, Mika Silander wrote:
> I'll stop here in the hope the above helps. More seasoned developers
> may continue from hereon (and correct me along the way if necessary).
Excellent answer, haven't found anything to correct ;)
Small additions for context:
The report contains just raw data fetched from the source, plus some
metadata of the collection process which may be needed or useful afterwards.
In IntelMQ 3.0 we have renamed the "Data Harmonization Ontology" to
"IntelMQ/Internal Data Format" (IDF). The choice to name the data format
"Harmonization" comes from the fact that, in the beginnings of IntelMQ
back in 2015, Thomas Lima harmonized different format that were out
there, most importantly AbuseHelper and ElasticSearch's ECS. The file
name harmonization.conf is just a leftover from the recent renaming,
which we intentionally left as is to minimize the migration burden and
wait for other potential refactorings in this area (e.g. moving the file
elsewhere, changing the format, completely obsolete it, ... whatever).
Sebastian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/intelmq-users/attachments/20211217/6e1c3bbb/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/intelmq-users/attachments/20211217/6e1c3bbb/attachment.sig>
More information about the IntelMQ-users
mailing list