intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
When multiple fields are listed in the `MISPAPIOutputBot`'s `significant_fields` setting, the bot uses PyMISP’s `build_complex_query` to construct a query (e.g., `{'AND': ['12.123.21.21', 'foobar.com']}`) and passes it to the `value` argument...
Was introduced by b0447aea601cc066cbbc3dc3a11e2bea609f3bdb long ago. Better use the command line tool `jq` for that purpose; it's more powerful.
```
/home/sebastianw/dev/intelmq/intelmq/lib/message.py:17: DeprecationWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html
  from pkg_resources import resource_filename
```
Used in these files:
- `intelmq/bin/intelmqctl.py`
- `intelmq/bin/intelmqsetup.py`
- `intelmq/bots/collectors/shodan/collector_stream.py`
- `intelmq/bots/parsers/ioc_extractor/parser.py`
- `intelmq/lib/bot.py`...
The bot encountered this kind of error when processing emails containing non-ASCII characters (e.g., accents or special symbols): `UnicodeEncodeError: 'ascii' codec can't encode character '\xe0' in position 4: ordinal not...
We'd like to have a caching option for SQL database lookups. The bot fetches all data from the table initially and makes its lookups only on the dict. The reload signals...
E.g.
```
intelmqctl start -c log_level=DEBUG file-output
```
A command which starts all bots
- [ ] "downstream" from given bot in direction of outputs
- [ ] "upstream" from given bot in direction of collectors

So with...
Should be performed automatically in build-environments / for built packages.
`python3-systemd` allows simple logging to systemd:
```python
>>> import logging
>>> from systemd import journal
>>> log = logging.getLogger('custom_logger_name')
>>> log.propagate = False
>>> log.addHandler(journal.JournalHandler())
>>> log.error("Some message: %s", detail)
```
And...
- [requests](http://docs.python-requests.org/en/latest/user/advanced/#ssl-cert-verification) uses its own store, which is basically a copy of Mozilla's. The package by the Ubuntu maintainers uses the system store.
- sleekxmpp requires to get the path to a...