A plugin to enable indicators to be submitted to CIFv3 in real-time

Project description

Threat Bus CIFv3 Plugin

A Threat Bus plugin that enables communication to Collective Intelligence Framework v3.

Installation

pip install threatbus-cif3

Configuration

The plugin uses the cifsdk Python client to submit indicators received on Threat Bus to a CIF instance.

...
plugins:
  cif3:
    api:
      host: http://cif.host.tld:5000
      ssl: false
      token: CIF_TOKEN
    group: everyone
    confidence: 7.5
    tlp: amber
    tags:
      - test
      - malicious
...
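
A pre-deployment check for the `cif3` section shown above, as an added example that is not part of the plugin or of Threat Bus. The sample dict is constructed from the page's YAML; `audit_cif3`, the 0 to 10 confidence range, the TLP label set, and treating `ssl: false` as a finding are assumptions of this example.

```python
from urllib.parse import urlparse

# Constructed input: the "cif3" section from the page's YAML, as a Python dict.
SAMPLE = {
    "api": {"host": "http://cif.host.tld:5000", "ssl": False, "token": "CIF_TOKEN"},
    "group": "everyone",
    "confidence": 7.5,
    "tlp": "amber",
    "tags": ["test", "malicious"],
}

TLP_LEVELS = {"white", "green", "amber", "red"}  # assumption: TLP 1.0 labels
LOOPBACK = {"localhost", "127.0.0.1", "::1"}     # plain HTTP tolerated only here


def audit_cif3(cfg):
    """Return a sorted list of finding strings for one cif3 plugin section."""
    findings = []
    api = cfg.get("api") or {}
    url = urlparse(str(api.get("host", "")))
    token = api.get("token")
    if url.scheme not in ("http", "https") or not url.hostname:
        findings.append("api.host: not an http(s) URL")
    elif url.scheme == "http" and url.hostname not in LOOPBACK:
        findings.append("api.host: plain HTTP to a remote host exposes the token")
    if api.get("ssl") is not True:  # assumption: false weakens TLS protection
        findings.append("api.ssl: not true")
    if not isinstance(token, str) or not token or token == "CIF_TOKEN":
        findings.append("api.token: missing or placeholder")
    conf = cfg.get("confidence")  # assumption: CIFv3 confidence scale is 0 to 10
    if isinstance(conf, bool) or not isinstance(conf, (int, float)) or not 0 <= conf <= 10:
        findings.append("confidence: expected a number from 0 to 10")
    if str(cfg.get("tlp", "")).lower() not in TLP_LEVELS:
        findings.append("tlp: unknown level")
    tags = cfg.get("tags")
    if not isinstance(tags, list) or not all(isinstance(t, str) and t for t in tags):
        findings.append("tags: expected a list of non-empty strings")
    return sorted(findings)


# Constructed counterpart of SAMPLE with HTTPS, ssl enabled and a non-placeholder token.
HARDENED = {**SAMPLE, "api": {"host": "https://cif.host.tld:5000", "ssl": True,
                              "token": "constructed-example-token"}}

if __name__ == "__main__":
    for name, cfg in (("page sample", SAMPLE), ("hardened", HARDENED)):
        print(name, audit_cif3(cfg) or "no findings")
```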

Development Setup

The following guides describe how to set up local, dockerized instances of MISP.

Dockerized CIFv3

Use dockerized CIFv3 to set up a local CIFv3 environment:

Set up a CIFv3 Docker container

git clone https://github.com/sfinlon/cif-docker.git
cd cif-docker
docker-compose build

Edit the docker-compose.yml

vim docker-compose.yml

Find the section cif in the configuration and edit the following as appropriate:

cif:
    ...
    ports:
      - "5000:5000"
    ...

Start the container

docker-compose up -d
# get an interactive shell
docker-compose exec cif /bin/bash
# become the cif user
su cif
# check to see if access tokens were successfully created
cif-tokens
# ping the router to ensure connectivity
cif --ping

License

Threat Bus comes with a 3-clause BSD license.

Download files

Source Distribution

threatbus-cif3-2020.7.28.tar.gz (7.8 kB view details)

Uploaded Source

Built Distribution

threatbus_cif3-2020.7.28-py3-none-any.whl (6.8 kB view details)

Uploaded Python 3

File details

Details for the file threatbus-cif3-2020.7.28.tar.gz.

File metadata

  • Download URL: threatbus-cif3-2020.7.28.tar.gz
  • Size: 7.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.8.3

File hashes

Hashes for threatbus-cif3-2020.7.28.tar.gz
Algorithm Hash digest
SHA256 871339cb234a33b272623690be5963936171d200a923cec7b80f6e83933b9acd
MD5 5e38e1765a7c9b353b41155f3a62cbd0
BLAKE2b-256 966e2bdea4f46b99ce92f8e6cca732e11ac696349a2006698a1f327b3f8e8e32

File details

Details for the file threatbus_cif3-2020.7.28-py3-none-any.whl.

File metadata

  • Download URL: threatbus_cif3-2020.7.28-py3-none-any.whl
  • Size: 6.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.8.3

File hashes

Hashes for threatbus_cif3-2020.7.28-py3-none-any.whl
Algorithm Hash digest
SHA256 b040ec6fed9dfad1f389be840edaa812282707a920788adba8aef398d2162bf0
MD5 37f278941e3c184d1c3671ec8d563a7c
BLAKE2b-256 a983b831475cc4836e94054be5764d5f3bb80c93fa5c7395510801162295890e
