I attempted to query twitter for specific malware types so that I could could tag them in MISP. Is this the correct way to go about this? When the config was much smaller it was correctly tagging. As it got bigger it now tags them all the same. All of the sources seem to come into my misp instance with the same emotet tags. Even though ive used allowed sources. Can someone else sanity check this config for me.
I attempted to query twitter for specific malware types so that I could could tag them in MISP. Is this the correct way to go about this? When the config was much smaller it was correctly tagging. As it got bigger it now tags them all the same. All of the sources seem to come into my misp instance with the same emotet tags. Even though ive used allowed sources. Can someone else sanity check this config for me.
Config.yml