Open ghost opened 8 years ago
@cgalligan Are you looking for something push button or are you ok with doing a little development?
I'm ok with doing some development or querying the database directly; just not sure of the format
I recommend checking out the API. It should be easy to grab what you want and out put it in any format you want.
Can you point me towards the API details or some examples?
I didn't find the API documentation (link didn't resolve in the threat_note interface), but was able to get the information via the .db file in the threat_note directory. Via sqlite (ubuntu):
The indicators.csv file should be in the same folder you opened sqlite from
Is there a way to export indicators to a CSV?