On 12/13/24 1:29 PM, Mika Silander via IntelMQ-dev wrote:
I'm attempting to find a suitable collector for retrieving the Abusech Feodo Tracker feed (https://feodotracker.abuse.ch/downloads/ipblocklist.json). Afaiks, the ready-made Abusech Feodo Tracker parser expects reports in plain JSON but the available http collectors are manipulating the retrieved information in one way or the other before passing it on to the parser.
Not sure what you mean with the http collector data manipulation, but to me it appears that the feodotracker is either dysfunctional or dead. Not one of the data feed files contains actual data.
I'll try to get some information on the feed's status from Spamhaus.
best regards Sebastian