search

OpenCTI-Platform / connectors

OpenCTI Connectors
https://www.opencti.io
Apache License 2.0
365 stars 394 forks source link

[Zeek] Create connectors for import and export #551

Open rbnor opened 4 years ago

rbnor commented 4 years ago

Please replace every line in curly brackets { like this } with appropriate answers, and remove this line.

Problem to Solve

Want to be able to import and export zeek tab separated intel files

Current Workaround

converting to stiix for example or snort.

Proposed Solution

implement zeek intel on the platform

Additional Information

{ Any additional information, including logs or screenshots if you have any. }

rhaist commented 4 years ago

I am working on a command line client at the moment that also will be able to output indicators from OpenCTI in various formats. Adding Zeek to the TODO list and will update this issue once there is something to show.

SamuelHassine commented 3 years ago

@rhaist Any new on this one?

rhaist commented 3 years ago

No progress on the CLI client that's worth reporting yet.

The format itself is not that complicated. Might even be possible to generate that from the front-end export?

REF: https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds