intelmq icon indicating copy to clipboard operation
intelmq copied to clipboard
verified publisher icon certtools

Modify bot: support multiple config files

Open ghost opened this issue 8 years ago • 2 comments

We currently have two config files which do overlap each other. In the future

  • the number of rules will increase (e.g. with a more complete malware name-family mapping) and consequently
  • not all rules are useful for all users.

So I think we need to split these configuration parts into more files.

My idea is that the bot itself could resolve globs in the filename (e.g. /var/lib/intelmq/bots/modify/*.conf) and read them all.

ghost avatar May 30 '17 08:05 ghost

I noticed this just after logging it, but #1026 is another proposal addressing the same issue.

chorsley avatar Jun 28 '17 12:06 chorsley

current example is smaller now because of the malware name mapping

ghost avatar Jun 18 '18 15:06 ghost