intelmq
intelmq copied to clipboard
certtools
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
I believe this should be using `source.port`: https://github.com/certtools/intelmq/blob/ce60fd4bf65b0ca2d98ac05c4db658890dbac1a3/intelmq/bots/parsers/spamhaus/parser_cert.py#L168
`intelmqctl check` tries to import all bots to check if they exists and some other checks: https://github.com/certtools/intelmq/blob/0221a2507b05dcccaea9ac239bb9e13fa48ce4bc/intelmq/bin/intelmqctl.py#L923-L929 However, if the bot has a syntax error, this causes `intelmqctl check` to...
Preconditions: - No log file `$logdir/intelmqctl.log` exists `intelmqctl` is called as root instead of user intelmq, e.g. in setup scripts or by user error. The initialization of `intelmqctl` is able...
Currently, `intelmqsetup` calls `intelmq upgrade-config` also on new installations. This results in a lot of "nothing to do" migrations: ``` Calling `intelmqctl upgrade-config` to update/create state file. Writing initial state...
As we are running the IntelMQ for quite some time now, the mailbox gets really cluttered. It would be nice if the mail collector could also remove old emails. This...
Hello, We have an instance of intelMQ with MISP correlation. We ingest from MISP-collector (and a lot of other sources) data and we have an expert to correlate information from...
It seems that this morning the Turris graylist has been updated. The CSV file location has been changed from `https://project.turris.cz/greylist-data/greylist-latest.csv` to `https://view.sentinel.turris.cz/greylist-data/greylist-latest.csv`. `http_url` parameter in `bots.collectors.http.collector_http` bot should be changed...
### What? I know there are [general recommendations](https://intelmq.readthedocs.io/en/maintenance/dev/data-format.html#id17) in the docs. However I am proposing to create a definition of: - required fields for each classification type - disallowed fields...
- [ ] all CLI components could highly benefit from using [typer](https://typer.tiangolo.com/tutorial/first-steps/) - [ ] support redis streams - [ ] LDAP enrichment bot (which must also be compatible with...
