Filtering Non-Invasive Behaviors in Glastopf Reports to MHN

[DreamRuthenium]

I have successfully deployed Glastopf in conjunction with MHN (Modern Honey Network), a platform designed to centralize alerts using hpfeeds. However, I've noticed an issue where even non-invasive behaviors, such as spider requests and benign requests (e.g., for style.css), are being reported to MHN. This results in a large number of false alerts.

Is there a way to configure Glastopf to only report truly invasive behaviors? I am looking for a solution to reduce the volume of these non-critical alerts.

Thank you for your assistance.

[glaslos]

Hey, did you consider using SNARE? You could modify the rules into a module which does not report.

[DreamRuthenium]

Thanks, I'll try it