idaholab / Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://idaholab.github.io/Malcolm/

don't overwrite Zeek threat intel files if all sources associated with a type fail #472

Closed mmguero closed 1 month ago

mmguero commented 1 month ago

When fetching updates for MISP / TAXII Zeek intel feeds, we need to adjust the logic so that if all of the URLs associated with that feed type fail, we don't zero out the previously existing intel file; instead, just leave it in place and log a message that it occurred.
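One way to implement the behaviour requested above, as an added example that is not Malcolm's own code: `update_intel_file` and the `fetch` callable are hypothetical names, and the sample URLs and rows in any call are constructed. It goes slightly beyond the issue by also writing the new file to a temporary path and renaming it into place, so a failure mid-write cannot truncate the existing intel file either.

```python
import logging
import os
import tempfile

log = logging.getLogger("intel_update")
ZEEK_HEADER = "#fields\tindicator\tindicator_type\tmeta.source"


def update_intel_file(path, feed_type, urls, fetch):
    """Rebuild `path` from `urls`; keep the old file if every URL fails.

    `fetch(url)` is a hypothetical callable that returns a list of Zeek
    intel rows (tab-separated strings) or raises on failure.
    Returns True if the file was replaced, False if it was left in place.
    """
    rows, succeeded = [], 0
    for url in urls:
        try:
            fetched = fetch(url)
        except Exception as exc:
            log.warning("%s source %s failed: %s", feed_type, url, exc)
            continue
        succeeded += 1
        rows.extend(fetched)

    if succeeded == 0:
        # A source that answers with zero rows is a success; only a total
        # failure to fetch leaves the previous intel file untouched.
        log.error("no %s source succeeded; keeping existing %s", feed_type, path)
        return False

    # Write beside the target, then rename atomically over it.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)), suffix=".tmp")
    try:
        with os.fdopen(fd, "w") as out:
            out.write(ZEEK_HEADER + "\n")
            out.writelines(row + "\n" for row in dict.fromkeys(rows))  # de-duplicate
        os.chmod(tmp, 0o644)  # mkstemp creates 0600; mode readable by Zeek is assumed
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise
    return True
```
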