Dear IntelMQ operators
We have two pieces of news for you regarding the deb packages for Debian and Ubuntu:
- A new package 'intelmq-contrib'
- Drop of Ubuntu 20.04 packages
For the standard repository, they will be in effect with the next IntelMQ release 4.1.0 in August. The changes are already effective for the unstable repository (https://docs.intelmq.org/latest/dev/bot-development/?h=unstable#testing-pre-...).
These changes were backed by CSIRT.LI. Thank you!
More details:
New package 'intelmq-contrib'
-----------------------------
- EventDB tools:
  - https://github.com/certtools/intelmq/tree/develop/contrib/eventdb#readme
  - A script to apply the Malware Name Mapping to an existing database
  - A script to apply Domain Suffixes to an existing database
  - A PostgreSQL trigger keeping track of the oldest "time.source"
  - A script to export EventDB data to JSON, to use it in IntelMQ again
- Example extension package template
  - https://docs.intelmq.org/latest/dev/extensions-packages/
- Feeds Config Generator
  - https://github.com/certtools/intelmq/tree/develop/contrib/feeds-config-gener...
- Malware Name Mapping Downloader
  - https://github.com/certtools/intelmq/tree/develop/contrib/malware_name_mappi...
  - Script to update the locally downloaded mapping
- prettyprint script
- systemd tools
- logcheck rules:
  - moved from the main package to the contrib package
  - https://github.com/certtools/intelmq/tree/develop/contrib/logcheck#readme
  - A ruleset with patterns of (non-)error IntelMQ log lines for alerting purposes
Drop of Ubuntu 20.04 packages
-----------------------------
As the package builds on Ubuntu 20.04 didn't work, and given that standard support for this version already ended, the next IntelMQ version will not be packaged for 20.04.
The target operating systems for the packages are then:
- Debian 11 Bullseye
- Debian 12 Bookworm
- Ubuntu 22.04 Jammy
- Ubuntu 24.04 Noble
If you have questions, concerns or other feedback about this, please get in touch with us.
Best regards