cplmayo
commented
1 year ago Did you ever get this figured out; wanting to get Zeek and Misp working but nothing seems to be maintained anymore
Open amrroq opened 1 year ago
cplmayo
commented
1 year ago Did you ever get this figured out; wanting to get Zeek and Misp working but nothing seems to be maintained anymore
amrroq
commented
1 year ago Nope, I've been focusing my efforts on zeekjs-misp now.
Receiving this error when running zeekctl deploy:
warning in /opt/zeek/spool/installed-scripts-do-not-touch/site/dovehawk/./scripts/./dovehawk.zeek, lines 73-84: "when" statement referring to locals without an explicit [] capture is deprecated: dovehawk::req, dovehawk::cmd, dovehawk::bodyfile, dovehawk::headersfile, dovehawk::stdin_data (when (dovehawk::result = Exec::run((coerce [$cmd=dovehawk::cmd, $stdin=dovehawk::stdin_data, $read_files=set(dovehawk::bodyfile, dovehawk::headersfile)] to Exec::Command))) { if (!(dovehawk::result?$files && dovehawk::headersfile in dovehawk::result$files)) { print download error 1Reporter::error(fmt(There was a failure when requesting "%s" with ActiveHTTP., dovehawk::req$url))return (to_any_coercevector())}return (to_any_coercedovehawk::result$files[dovehawk::bodyfile])})We can generate a file w/ bro indicators from Home > Export, but trying to curl https://$MISP_URL/attributes/bro/download/all does not return anything.