intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
In another program but in a similar context we encountered a problem with long-running HTTP-requests. More specifically, in a request the data rate drops significantly sometimes to a very low...
Subject says it all. This is not what we intended to have. Re-do in version 2.
I'd like to add another generic parser, this time for json reports. While the csv parser was pretty straightforward, this one seems a bit more tricky. Transforming generic json to...
intelMQ shall support cryptographic verification and sending of emails. There are two competing, well distributed standards for crypto email: 1. Object-Format: OpenPGP Email-Format: OpenPGP/MIME 2. Object-Format: CMS Email-Format: S/MIME To...
Intelmq should support x-arf from http://www.x-arf.org. This reading emails and sending emails. Sending will (most likely) be added to https://github.com/Intevation/intelmq-mailgen/issues/2 first, see progress there.
Additional option for generic csv parser: timezone correction. The timezone offset is often not given in the time-column, so it should be defined manually. Possible configuration format: `+10:00`, `-8` etc....
The restore routine saves the file for every message again. This should be only done once at the end.
Currently our `intelmqdump` tool is not very good at handling many dumped events. It lists them all and the user gets a great wall of text, impossible to interpret. Ideas:...
Recently encountered a problem with false positives from various source feeds. I would like to have some whitelists/exceptions in place, however I can see more approaches to do that. The...
user_agent is quite common, please make it its own outright field.