intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
The PostgreSQL JSONB column explicitly disallows saving null bytes like `\u0000`: https://www.postgresql.org/docs/current/datatype-json.html This has been previously addressed in https://github.com/certtools/intelmq/issues/2203 Yet, the fix based on a simple replace causes another issue: if the...
```
[ 111s] ======================================================================
[ 111s] FAIL: test_get_bot_module_name_builtin_bot (intelmq.tests.lib.test_utils.TestUtils.test_get_bot_module_name_builtin_bot)
[ 111s] ----------------------------------------------------------------------
[ 111s] Traceback (most recent call last):
[ 111s] File "/usr/src/packages/BUILD/.pybuild/cpython3_3.13_intelmq/build/intelmq/tests/lib/test_utils.py", line 367, in test_get_bot_module_name_builtin_bot
[ 111s] self.assertEqual("intelmq.bots.collectors.api.collector_api",...
```
My proposal is to implement mininterface. This gives us various advantages. # Automatic GUI and colourful helps If left empty, there is an automatic wizard. Note the file-picker button. ```bash...
The `intelmqctl check` tool says only *leftover queue*. Add a tool in intelmqctl to delete them?
Processing of data depends on bottlenecks in the whole workflow. At the same time, the prepared events sit in queues, and some reports can produce a huge amount of events....
```
Removing intelmq (3.4.1~alpha1-1) ...
userdel: user intelmq is currently used by process 1980
dpkg: error processing package intelmq (--remove):
installed intelmq package post-removal script subprocess returned error exit status...
```
Currently the Redis output can only write to queues (lists) using LPUSH. Having the possibility to use [SET](https://redis.io/commands/set) in conjunction with setting a TTL would enable IntelMQ to generate blacklists...
Currently all the dump files are valid JSON files, which means that for every message to be dumped, this happens:
* Read and parse the full dump-file
* Append the...
There is a new DataPlane.org feed you may wish to add to your collection of existing DataPlane.org feeds. I had intended to fork and send a pull request with the...