intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Multiprocessing per queue is not supported. If you have to process a huge dataset and only a single process is handling a queue, you are time bound with DNS resolution...
Added the following to honor the "to_ids" attribute of MISP: * added the new field "misp.to_ids" to harmonization.conf (Boolean) * added the new parameter "only_ids" to the MISP parser *...
Extremely basic, probably too slow, but simple and working Syslog collector over UDP. We will probably not be running this in production, but I had already written it as a...
This is my first output bot contribution, and should be considered a work in progress. This output bot goes a bit farther than simply outputting all threat intel to a...
Demo of how to use the domaintools expert to fetch scoring for a domain.
The old BOTS file used very descriptive and comprehensible bot names. With #1751 the names are derived from the class names which comes with major changes in the bot names....
As the verification of the certificate chain is only done on secure HTTP connections (with TLS), the parameter name `https_verify_cert` with an **s** seems to be more intuitive. :)
Some ideas from @otmarlendl What happens when we create a bigger network of intelmq instances? We might have loops. Proposed solutions: * add UUID field to eventdb. Only add events...
Related to pull request #171. Check this [code](https://github.com/certtools/intelmq/pull/171/commits/0666a8167d4f980347b01d41550992fab014a472).
# To discuss: Currently aggregation cannot be achieved within IntelMQ, it's done in additional components, which depend on the EventDB. This aggregation is used in order to create notification E-Mails...