[IntelMQ-dev] IntelMQ -> feed MISP
drupad8140 at gmail.com
drupad8140 at gmail.com
Fri Apr 16 09:27:43 CEST 2021
Hi Sebastian/ Bernhard,
Thank you
Sent from my Windows 10 device
From: Sebastian Wagner
Sent: 16 April 2021 12:55
To: intelmq-dev at lists.cert.at; Drupad Soni
Subject: Re: [IntelMQ-dev] IntelMQ -> feed MISP
Our documentation https://intelmq.readthedocs.io/en/latest/user/bots.html#misp-feed
links to https://www.circl.lu/doc/misp/managing-feeds/ for the configuration in MISP. You may want to read it.
Sebastian
On 4/16/21 9:10 AM, Bernhard Reiter wrote:
Hi Drupad,
Am Donnerstag 15 April 2021 17:56:18 schrieb Soni, Drupad:
Also I want your help in setting up misp output feed as below.
your image showed that you want all events to go into MISP as well
using
https://github.com/certtools/intelmq/blob/develop/intelmq/bots/outputs/misp/output_feed.py
Feed is working fine adding feed in misp doesn't show any feeds there.
I am not sure what is the gap here.
Me neither, my experience with MISP is limited, there are many functions
and ways to manually use MISP. When following the documentation, I could make
the api work, but I've not tested the feed. One possibility you have is to
ask the MISP people about how to further analyse the situation (Please give
them all the details.)
Best Regards,
Bernhard
_______________________________________________
IntelMQ-dev mailing list
https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev
https://intelmq.readthedocs.io/
--
// Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - https://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20210416/ac767b87/attachment.htm>
More information about the IntelMQ-dev
mailing list