Results 20 comments of creideiki

There is a further wrinkle concerning this, which is that while the RPM packages depend on `termstyle`:
```
# rpm -q --requires python3-intelmq | grep dist.*termstyle
python3.8dist(termstyle) >= 0.1.10
```
...

> This PR is marked as draft, is this intentional?

Yes, as I do not consider this functionality even remotely ready for production. I made this as a proof of...

Something like this (which is totally untested)? This does present the problem that there is already a collector named "tcp", which accepts IntelMQ messages, not raw bytes. Maybe this should...

Great, thanks! I'll make a note of updating this pull request once we've migrated this bot to 3.0 and cleaned it up a bit.

Pushed a new and improved design, now sort of conforming a bit more to the rest of IntelMQ. Split the horrible hardcoded monolithic mess of a collector that basically only...

I have force-pushed a new version of this set of bots, which is what we have been running internally for a while. They should be ready for review now. This...

Thanks for taking a look at this. Unfortunately, there are some weird problems with the API right now which in the worst case may force a redesign. When we started...

We have not heard anything more from Microsoft. The old API used here is still documented, the new API doesn't supply all the information the old one does (and that...

That does seem to be the case, at least when the botnet is configured to work around the deficiencies. That configuration would need to be documented. And we have a...

There is now a third API, which does seem to contain all the information we want to use, but is in beta and explicitly not for production use: https://learn.microsoft.com/en-us/graph/api/security-list-alerts_v2 I'm...