Dear incident handling automation tools list,
dear IntelMQ folks,
First of all, after extensive feedback from many of you, we do have a high level requirements document
for IntelMQ 3.0. It's here: https://github.com/certtools/intelmq/blob/version-3.0-ideas/docs/architectu…
This shall serve as a high level blueprint for IntelMQ 3.0 developments. Sebastian is working on prioritising individual
items for CERT.at and then we will create individual GitHub issues and people (mostly at CERT.at) will be hacking away at it.
Looking forward to this release.
I'll be guiding this release; however, I won't be working at CERT.at anymore starting on the 15th of Nov.
Which brings me to an important conclusion:
I thought long about what we should do when core people leave CERT.at (as in my case, or... maybe Sebastian will leave one day
or get run over by the famous bus which always seems to run over every team member according to manager's expectations ;-) )
In any case, the most solid approach seems to be to remember what IntelMQ actually is - a **community project**.
It started as one, it is one, it will be one.
In the last years, CERT.at did a lot of the heavy lifting and also a lot of the decisions on IntelMQ's future.
However, with a couple of hundred (600?) installations worldwide, it would be wise to create an **advisory board/architecture board**
for the future developments. I would envision a small-ish group of 4-8 people who take the responsibility of guiding the project for the next ~5 years.
This means:
- staying on top of current developments
- coordinating with the other group members
- coming up with a strategy and procedures (for example, compare with PEP, maybe a lightweight PEP approach is enough) etc.
- ultimately, guiding the project
It's work, for sure. You should have some passion for the project of course.
I sent out a couple of invite requests to individuals but also would be interested to hear from you, if you would like to participate in such
an effort.
Hence, IntelMQ will become its own entity. And that's good, healthy and ensures a maximum benefit for many users.
If you would like to be on that board, please send me an email.
I'll guide it initially and get everything started.
All the best,
Aaron Kaplan
(private email address for the future: aaron(a)lo-res.org)
PS: we already have one or two companies offering development support for IntelMQ, I would like them to be able to thrive in this project as well - on a friendly basis. In the long run, this will make the project stronger.
--
// L. Aaron Kaplan <kaplan(a)cert.at> - T: +43 1 5056416 78
// CERT Austria - https://www.cert.at/
// An initiative of nic.at GmbH - http://www.nic.at/
// Company register number 172568b, Regional Court Salzburg
Dear community,
I have two news items for you, both related to documentation:
First, there is an IntelMQ Tutorial, which guides through various
features and tools of IntelMQ.
Lesson one introduces the architecture, concepts and terminology of the
project. Lessons two and three delve hands-on into working with IntelMQ.
Starting with installation and basic usage & configuration they go on to
tackle progressively more advanced topics like using advanced features
or changing the message queue software to be used. Solutions and
explanations are offered for all tasks. In the last lesson you'll learn
how to use intelmq-tools, a third-party software which makes
customization of your IntelMQ instance much easier.
We think that this kind of interactive online documentation is
especially important nowadays when conferences and workshops cannot take
place in real life.
As for all other IntelMQ components, we welcome any contributions and
feedback to the tutorial.
-> https://github.com/certtools/intelmq-tutorial
Second, we have a new IntelMQ Documentation page:
We completely revised the way IntelMQ's documentation is presented:
Instead of single files in the source-code repository, the best place to
read the documentation is now intelmq.readthedocs.io. All pages are
generated using Sphinx, the de facto standard tool for documentation. It
features a better reading experience and a significantly improved
navigation. Furthermore, the new page offers an integrated search as
well as a module index covering the complete code documentation.
If you find any bugs or have improvements, please let us know!
-> https://intelmq.readthedocs.io/
best regards
Sebastian
--
// Sebastian Wagner <wagner(a)cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// An initiative of nic.at GmbH - https://www.nic.at/
// Company register number 172568b, Regional Court Salzburg