telekom-security / tpotce

🍯 T-Pot - The All In One Multi Honeypot Platform 🐝
GNU General Public License v3.0

STIX/TAXII feeds out Sicherheitstacho/DTAG #86

Closed necrose99 closed 7 years ago

necrose99 commented 7 years ago

Contribution

Thank you for your decision to contribute to T-Pot.

STIX feeds out Sicherheitstacho etc.: STIX, CybOX, MAEC feeds in, feeds out... https://github.com/AlienVault-Labs/OTX-Apps-TAXII https://github.com/eclecticiq can more or less correlate types of attacks from many STIX/TAXII and feed sources... https://github.com/TAXIIProject

Be able to get output feeds about attacks being sent to the DTAG network, as well as others from sources, and better share credible data via feeds.
I work in a SOC, so the more feeds to a SIEM, the better it can work.

If possible, may be permitted to set up for our new secops test lab.

t3chn0m4g3 commented 7 years ago

Basically this seems to be a duplicate of #79. You can provide your own logstash.yml and export the logs as discussed.