Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 17:53
    drewm27 opened #193
  • 17:53
    drewm27 opened #193
  • 17:53
    drewm27 opened #193
  • 15:34
    lfortemps synchronize #7892
  • 15:34
    lfortemps synchronize #7892
  • 15:11
    lfortemps edited #7892
  • 15:11
    lfortemps edited #7892
  • 15:11
    lfortemps edited #7892
  • 15:11
    lfortemps edited #7892
  • 15:10
    lfortemps opened #7892
  • 15:10
    lfortemps opened #7892
  • 12:48
    gregnorz starred MISP/misp-warninglists
  • 07:04

    rommelfs on main

    Add files via upload (compare)

  • Oct 26 22:07
    logan-micklewright commented #48
  • Oct 26 22:07
    logan-micklewright commented #48
  • Oct 26 22:07
    logan-micklewright commented #48
  • Oct 26 19:57

    adulau on 2.4

    chg: [PyMISP] updated (compare)

  • Oct 26 19:57

    adulau on 2.4

    chg: [PyMISP] updated (compare)

  • Oct 26 19:56

    adulau on develop

    chg: [PyMISP] update version (compare)

Anders Einar (Kagee)
@hildenae:matrix.org
[m]
Purging of settings?
andras
@andras:matrix.circl.lu
[m]
yeah afaik there is a potential issue with using the interface of changing settings affecting the settings in config.php
not sure if it was resolved in the end or not, that was ages ago
(I might be completely wrong and it's a non issue)
Anders Einar (Kagee)
@hildenae:matrix.org
[m]
I do believe it was. I write quite a few setting that are not in server.php
Well, under ApacheSecureAuth, that is.
andras
@andras:matrix.circl.lu
[m]
ah ok in that case it's all good
Anders Einar (Kagee)
@hildenae:matrix.org
[m]
Feels like some things should be moved out of server.php just to make it a smaller file :/
Feldunost
@Feldunost
Hello everyone,
I'm looking for a module to be able to pull all IOCs from selected or specified users in alienvault OTX
I know there are some, but which is the most convenient way to go ?
24 replies
derwilliwonka
@derwilliwonka
Hey guys anyone familiar with misp-taxii?
Feldunost
@Feldunost

Hey guys anyone familiar with misp-taxii?

found this, might help maybe as kick-start : https://gist.github.com/ag-michael/54736e6d972f17e7e4b7ab7e70f4c3f2

Xebus
@Xebus-Systems
question to anyone that might know ( im new to MISP) ....unsure if its documented, is it possible to connect MISP to Azure Sentinel via MISP API in the UI? I know about the graph connector python script, was wondering if there was a better way?
fatsheep白
@f47sh33p_twitter
Hello,
Is it possible to copy an event from another organization to my organization?
It is a copy on the same MISP instance.
Feldunost
@Feldunost
currently taxii is working fine on a private instance, i am trying to import the stix file that resulted from taxii polling process
is there a command line or a script to import into MISP event id ?
andras
@andras:matrix.circl.lu
[m]
that expects MISP event format data
however, if you post a STIX document to /events/upload_stix/[version]
it will create a single, or multiple events depending on the stix documents' contents
(accepted versions are 1 and 2)
andras
@andras:matrix.circl.lu
[m]
what was the output?
also, are the diagnostics in misp complaining about missing libraries?
Feldunost
@Feldunost
checking diagnostics
stix and stix2 libraries are OK
andras
@andras:matrix.circl.lu
[m]
could you share a sample of what you tried to post?
also, which version of MISP are you on?
Feldunost
@Feldunost
v2.4.141
it's a simple taxi-poll
andras
@andras:matrix.circl.lu
[m]
ok I am not entirely sure what you are trying to do
that endpoint expects a STIX document
yeah that won't work as that test.json will not be a STIX document
it will be a taxii package
Feldunost
@Feldunost
did this and it gets correctly the stic file from alienvault as testing
andras
@andras:matrix.circl.lu
[m]
that contains a stix package
Feldunost
@Feldunost
ah ?
andras
@andras:matrix.circl.lu
[m]
just guessing but you probably have your data wrapped
Feldunost
@Feldunost
so it's not stix file out of the box ,
andras
@andras:matrix.circl.lu
[m]
yeah exactly, in that case it definitely won't work
Feldunost
@Feldunost
but on header it's stix package
andras
@andras:matrix.circl.lu
[m]
ok that looks correct
Feldunost
@Feldunost
oh ?
andras
@andras:matrix.circl.lu
[m]
a stix package should work
can you send me a sample export?
I can have a look
Feldunost
@Feldunost
mmmh getting it
andras
@andras:matrix.circl.lu
[m]
Feldunost
@Feldunost
sent
it's very simple from alienvault as testing
seems to be version 1.2
andras
@andras:matrix.circl.lu
[m]
having a look, looks like indeed a bug