Closed trizzosk closed 1 month ago
Hi,
To resolve this issue, I will guide you through the checks and actions needed to ensure the proper functioning of Threats Watcher.
First of all, have you executed the "populate_db" command to add the banned words and the RSS sources related to cybersecurity? Please refer to the documentation here: https://thalesgroup-cert.github.io/Watcher/README.html#populate-your-database
You can also personalize the RSS feeds by adding your own: https://thalesgroup-cert.github.io/Watcher/README.html#add-your-rss-source-to-threats-detection
After completing this operation, please wait about an hour before seeing the first words appear.
Regarding your proxy configuration, it is important to verify that the RSS source URLs are not blocked. If your proxy is restrictive, make sure to whitelist the URLs so they can be accessed without errors.
Finally, since our latest update (v2.0), we no longer use sources from Twitter (x.com) due to changes in API pricing. We now rely exclusively on RSS sources from websites. Here is the exact list: https://github.com/thalesgroup-cert/Watcher/blob/master/Watcher/Watcher/threats_watcher/datas/sources.csv
Best regards, Ygal
Hello,
I did all the steps (populate_db), check the corporate proxy for blocking (most of the RSS feeds used are "standard" web pages so no blocking on network level). Let us wait a bit.
Regarding the API -> let's assume I do have an API key for doing searches etc. -> any options to integrate x.com source again?
Thx, Marian.
P.S.: I will post an update after 1-2 hours about keyrwords....
Hi @ygalnezri
Thx - although I made populate_db after first deployment, this time I made it it started to work properly.
Thx, I will close the issue as solved.
Hi,
thx a lot for nice tool. I made a clear installation yesterday, using docker deployment (running as docker containers). Everything seems to work properly, except main page.
Screenshot:
Indeed I already added some domains, keywords etc. for monitoring - so the rest of application is working properly. I assume that the twitter (x.com) needs some configuration for the API key... but documentation does not reference for anything.... My instance is inside LAn network behind proxy server (http based, no auth).
Any clues?
thx.