Hi Patrick,
Am Montag 01 Juni 2020 16:27:24 schrieb Patrick Forsberg:
Anyone have a quick comparison between AbuseIO and IntelMQ?
I'm currently in the process of getting IntelMQ to work with IntelMQ-Mailgen to be able to send out abuse-emails to our constituency based on feeds like Shadowserver and since it seems like AbuseIO can do just about the same I would like to know the pros and cons of the systems.
for comparing AbuseIO and IntelMQ, I don't know AbuseIO enough.
However if you are looking into IntelMQ Mailgen from the system we call intelmq-cb-mailgen, https://github.com/Intevation/intelmq-mailgen-release that is the one we've been developing for the CERT-Bund, so we can tell you more about it, maybe this helps with the comparison.
The design idea is to be automated, flexible and high through-put. Thus there is a separation of concerns and several configuration places. You may have seen the overview diagram: https://raw.githubusercontent.com/Intevation/intelmq-mailgen/master/docs/not... There are rules within the IntelMQ export and additional notification formats scripts, those are quite flexible, so there is some learning curve.
Once set up, there can be millions of events handled per day automatically with several people being able to add manual data to the contacts database.
Feel free to ask us here or per direct email, if you have any questions or need help with setting it up.
Best Regards, Bernhard