Thomas Chopitea

Results 108 comments of Thomas Chopitea

There's no documentation. I'll try to come up with something this weekend unless @gaelmuller has instructions handy and can update the documentation. I'll assign this to him for now.

Not super happy with the way verification is implemented, but I opened https://github.com/Neo23x0/sigma/issues/59 to see if an API with richer parsing capabilities (i.e. respecting the actual sigma schema) was in the...

Yes, definitely! It would be nice to add it as an observable type. Where would you say we would get the "source data" from?

Just to be clear: you mean you would want a TAXII wrapper for a STIX representation of the data in Yeti? If it's only XML wrapped in XML, export templates...

@LilaLipetti I know this is very confusing, but https://github.com/TAXIIProject/yeti has no relation whatsoever to this Yeti project.

Interesting. Maybe we should decouple the "installation" steps from Docker then and just have a special docker container for workers and scheduler. WDYT?

I think it's worth spending some time to create another docker image where only the workers are started. It doesn't make sense to use startup daemons in docker images (my...

@jekil Can you tell me which image you're using to run Yeti in docker? We don't seem to reference systemd in them.

Are you requesting a general user manual or a specific one on how to use imports? Please provide more information as to what behavior you are observing.

There's actually a pretty powerful "permission matrix" built into Yeti (accessible on another user's profile page), which I think you could use to cover the use cases you mention. Maybe that can...