[IntelMQ-dev] update on IEP04
L. Aaron Kaplan
aaron at lo-res.org
Fri Jun 3 12:09:18 CEST 2022
Dear IntelMQ community,
in the last call on May 25th 2022, we converged on IEP04 (https://github.com/certtools/ieps/).
Summary is that we will stay as close as possible to the AIL-exchange format which is fulfilling all our requirements for IntelMQ-to-IntelMQ communication.
Also the UUID discussion was resolved.
As part of the JTAN-hackathon at CIRCL, the AIL-exchange format was formalised as a JSON-Schema (https://github.com/certtools/ieps/blob/main/004/schema/schema.json) which will also allow us in IntelMQ to use it and to even verify data coming in to an IntelMQ instance.
So, now that it is formalised, we'll see how to write collectors and output processors/bots for IntelMQ to IntelMQ communications.
Thanks for the patience for IEP04 and I am happy that we have a solution now.
Best,
Aaron Kaplan.
More information about the IntelMQ-dev
mailing list