Closed vrijicon closed 2 years ago
This will likely require some considerable thought.
The threat feeds are intentionally dynamic, which makes packaged installation tough. I also don't want to "force" changes into cron without the operator knowing clearly that we are doing so.
I'll think about it this week.
My first issue I've ever submitted. I'm looking to drop this into a Zeek deployment using ZKG rather than through the defined means. The command I used was:
zkg install https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds
The error I got then was:
error: invalid package "https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds": missing zkg.meta (or bro-pkg.meta) metadata file
Some resources related to this can be found here: https://docs.zeek.org/projects/package-manager/en/stable/package.html
While drafting this issue, I realized that the cronjob is necessary to maintain updated feeds, and I'm realizing that may conflict with using this proposed method of deployment (zkg vs. cronjob-github/manual).
My formal request is to see if we could implement a zkg.meta file, for zkg installation. But I'd like to see what the author(s) think of this, and if this was already considered in the past.