AndreC10002
AndreC10002
And the JSON file of an event: { "Event": { "extends_uuid": "", "publish_timestamp": 1577336929, "info": "Active DGA for Bamital", "threat_level_id": 1, "published": true, "analysis": 1, "date": "2019-12-25", "uuid": "5e04405d-af64-4215-828c-0af3ac110002", "timestamp":...
I see. Not sure why that happened, but with the latest version of PyMISP the manifest.json looks OK. Does it look OK to you? But the error persists: ``` {...
I'm running Python 3.8.1 and PyMISP 2.4.119.1. The servers (both exporting and importing) run MISP v2.4.119.
I'm probably missing the point here, but now I don't see any structural difference between my manifest.json and yours. And, because my understanding of how MISP ingests feeds is very...
Again, sorry for the multiple messages but I'm writing as I try to debug it. This is odd, I replaced the manifest.json file with yours and expected the importing server...
OK, I found the problem. And it is very odd and not related to PyMISP, but to MISP itself. The feed was hosted in an URL like this: https://www.example.com/misp/bla:c2_address That...
I can open a feature request, but it'd be great to have an import log so to know if something went wrong and what wasn't imported properly.
A workaround is to modify 'tasks/deps/geolitecity' as follows: #curl --location --retry 3 --fail --remote-name https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz curl --location --retry 3 --fail https://raw.githubusercontent.com/DocSpring/geolite2-city-mirror/master/GeoLite2-City.tar.gz > GeoLite2-City.tar.gz Unfortunately, this file available on Github is...
Sorry, the function should actually look like this instead or the connection with the requesting party will remain open: def dataReceived(self, data): _q_s.logs.info({'server': 'http_proxy_server', 'action': 'connection', 'src_ip': self.transport.getPeer().host, 'src_port': self.transport.getPeer().port,...
I'd like to suggest taking advantage of certbot (Let's Encrypt) to create / renew trusted instead of self signed certificates.