Closed mathurin68 closed 5 years ago
Hi! This is possible, but you'd have to split them out manually, with one MISP operator for each grouping. Each operator can define its own tags, and only process from the sources you allow. Eg:
- name: mymisp-twitter
module: misp
credentials: misp-auth
tags: [type:OSINT, my-misp-twitter-tag-1]
allowed_sources: [my-twitter-source-*]
- name: mymisp-rss
module: misp
credentials: misp-auth
tags: [type:OSINT, my-misp-rss-tag-1]
allowed_sources: [my-rss-source-*]
Hope that makes sense. :)
Sorry this took me so long to respond, this is awesome thank you!
I saw this in the manual...
But is there a way to add a different tag for each source pushed to MISP? I.E. Twitter or RSS
Thank you so much for releasing this tool too!