
Log4j - Collector & Parser

Open YeomansM opened this issue 4 years ago • 5 comments

Dear All,

May I ask whether you were thinking to add Log4j for Shadowserver feeds within its collector API and parser?

Perhaps we can be of assistance?

Regards Matthew

YeomansM, Dec 21 '21 11:12

The Shadowserver Reports API collector is able to fetch all feeds, just the parser is missing the mapping.

Here's some public information: https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-log4j-servers-special-report/

Looks easy to do (if the documentation does not deviate from the actually used format).

sebix, Dec 21 '21 11:12

That is a good point, all that is missing is the parser.

Unless other people already volunteered, I would love to give it a try.

Thanks Matthew

YeomansM, Dec 27 '21 13:12

> Unless other people already volunteered, I would love to give it a try.

I haven't noticed any attempt yet, so feel free. If you need any help, ping me.

sebix, Dec 28 '21 16:12

@elsif2 I think your PR closes this issue.

sebix, Jul 01 '22 19:07

Yes, that is correct.

elsif2, Jul 01 '22 19:07

Fixed by #2227

sebix, Sep 05 '22 07:09