intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
https://github.com/certtools/malware_name_mapping can be used to map malware names with the IntelMQ modify bot. However, the 500 regexp rules are tried sequentially and this is quite resource intensive. (One installation uses...
See thread https://lists.cert.at/pipermail/intelmq-dev/2016-November/000136.html
The `intelmqctl run [bot-id] message` commands always initialize/start the bot instance, but this is not necessary and takes a lot of time.
- [ ] could there be any problems with redis?
- [ ] do other messaging queues support binary data too?
- [ ] check if there are any problems...
This PR brings updates to various files as mentioned in the issue #2636 where `type()` is replaced by `isinstance()`. Closes #2636
All the `type(a) is b` and similar need to be replaced by `isinstance(a, b)`. Occurrences that I found (automatically and manually):
```python
intelmq/bin/intelmqdump.py: if type(value['traceback']) is not list:
intelmq/bin/intelmqdump.py: if...
```
Some messages' formats deviate from the usual format that we have, e.g. in the `intelmq.lib.exceptions` module
* PipelineError: `"pipeline failed - %s"`
* ConfigurationError: `"%s configuration failed - %s"`

Also...
Create an output bot which calls an external program and gives the event data via standard out to it. Add usual formatting options (json, raw yes/not, hierarchical, etc)
Fix pylint errors and integrate it in travis. After #632 as currently there are a lot of these errors:
```
Instance of 'Parameters' has no '...' member
```