This is more of a question, than an issue, but I couldn't find ther answer anywhere else.
I'd like to know if (and how) can I limit the number of events that ThreatIngestor creates in one run when using MISP API export feature.
The reson for this is I'd like to prevent TI from flooding my target MISP instance in case of a misconfiguration, or some sort of a malware outbreak that'd then be reported by multiple sources and scraped by TI all at once.
Hi,
This is more of a question, than an issue, but I couldn't find ther answer anywhere else. I'd like to know if (and how) can I limit the number of events that ThreatIngestor creates in one run when using MISP API export feature. The reson for this is I'd like to prevent TI from flooding my target MISP instance in case of a misconfiguration, or some sort of a malware outbreak that'd then be reported by multiple sources and scraped by TI all at once.
Thanks.