wesyoung
commented
6 years ago hi,
- do you have publicly available examples ?
- do those examples closely match any of these? https://github.com/csirtgadgets/bearded-avenger/tree/master/rules/default
Closed shrishti01 closed 6 years ago
wesyoung
commented
6 years ago hi,
shrishti01
commented
6 years ago Hi,
I don't have any publicly available example .. But I want to integrate it, Please guide me or provide me with related scripts....
Thanks In advance
wesyoung
commented
6 years ago do their feeds match anything in that rules directory i linked to? that'd be a great place to start- find a feed in there that matches closely to your IBM stuff and then start tweaking it...
shrishti01
commented
6 years ago HI, I think we have to generate a new rule for this I tried doing it but not getting any output .
I am attaching my file with it .. Hoping for help..
Thanks in advance
shrishti01
commented
6 years ago Hi,
Can you please let us know , how to provide external source feeds to installed cif server. Basically we have to integrate new sources in our cif server for threat intelligence feeds.
Your guidance will be of great help.
Thanks in Advance
wesyoung
commented
6 years ago you probably want to "cron" that curl command */15 or so to write the feed to something like, /tmp/xforce.txt, then set the 'remote' to 'file:///tmp/xforce.txt' and try again.
if you're just starting out- you may wanna re-try with CIFv3 as v2 is going EOL soon.
https://github.com/csirtgadgets/bearded-avenger-deploymentkit/wiki
Hello,
can you please tell me how can i integrate IBM feeds in my CIF server database.
Thanking in advance