[IntelMQ-dev] Request for Testing and Feedback: Shadowserver API collector and parser
Birger Schacht
schacht at cert.at
Tue Jan 19 09:15:58 CET 2021
Hi,
Shadowserver nowadays not only sends out reports by Mail but also
provides an API [0] to query reports.
We recently implemented a Shadowserver Reports API collector bot [1]
that downloads the reports from the API and feeds them into IntelMQ. To
parse the downloaded feeds (in JSON format) we built upon the existing
Shadowserver parsing logic and created a JSON parser [2] that's meant to
be used together with the Shadowserver Reports API collector bot.
If anyone is interested in testing the collector and parser that would
be great- any feedback, bug reports or improvements are highly
appreciated. To use the collector you will need a Report API Key, which
you can request on [3].
cheers,
Birger
[0]
https://www.shadowserver.org/what-we-do/network-reporting/api-reports-query/
[1]
https://intelmq.readthedocs.io/en/latest/user/bots.html#shadowserver-reports-api
[2] https://intelmq.readthedocs.io/en/latest/user/bots.html#shadowserver
[3] https://www.shadowserver.org/contact/
--
// Birger Schacht <schacht at cert.at>
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - https://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x3A3C547D2D48D997.asc
Type: application/pgp-keys
Size: 5392 bytes
Desc: not available
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20210119/2493510a/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20210119/2493510a/attachment.sig>
More information about the IntelMQ-dev
mailing list