connectors
connectors copied to clipboard
OpenCTI Connectors
## Description When viewing a report in OCTI, and viewing entities, there will be no observables in the entities screen, even though these existed in the corresponding report in the...
## Use case Be able to store the score or any additional information in Sentinel ## Proposed Solution Following the recommendation of Microsoft, the idea is to store the score...
The connector ingests IOCs from the Loader Insight Agency File Feed and creates relationships that provides context to the IOCs such as which malware downloaded which payload, from where and...
This PR adds two new connectors, a `stream/stream-exporter` and a `external-import/stream-importer`. The goal is to be able to synchronize two OpenCTI instances that don't have access to each other. The...
Ensure sufficient context is sent to Splunk to enable SOC analysts to properly qualify alerts. In some organizations, it can be challenging to change SOC analysts' workflows and require them...
On 6.3.1, I am seeing the below error for ImportFileStix: ``` {"timestamp": "2024-09-24T09:20:34.869767Z", "level": "ERROR", "name": "ImportFileStix", "message": "Error in message processing, reporting error to API", "exc_info": "Traceback (most recent...
## Description Since updating to OpenCTI 6.3.4 from 6.2.18 the Infoblox connector no longer pulls in threat intelligence. Error logs are shown below in Actual Output. We jumped from 6.2.18...
Hi, I noticed that the report is recorded with a publication date or original date based on when it was published and when the attack was observed. Consequently, the relationships...
## Prerequisites - [x] I read the [Deployment and Setup](https://docs.opencti.io/latest/deployment/overview/) section of the OpenCTI documentation as well as the [Troubleshooting](https://docs.opencti.io/latest/deployment/troubleshooting/) page and didn't find anything relevant to my problem. -...
### Proposed changes * * ### Related issues * * ### Checklist - [x] I consider the submitted work as finished - [x] I tested the code for its functionality...