[RST IoC Lookup] Add RST IoC Lookup connector. + Fixes for Report Hub and Threat Feed

[k1r10n]

Proposed changes

• A new RST IoC Lookup Connector: cost-effective and functional enrichment connector for observables and indicators
• New parameters to give options for users to disable/enable generation of 'related-to' and observables when using the RST Report Hub connector
• Minor fixes to RST Threat Feed connector: indicator patterns standardised, only_new logic changed, code reformatting, description are nulled for high level objects as intrusion-set, malware, tools, etc profiles are to come from RST Threat Library

Related issues

• Usage of 'related-to' relationships is not recommended [RST Cloud - Report Hub] Several issues #2767
• It is recommended to clone indicators to observables at import time [RST Cloud - Report Hub] Several issues #2767
• [RST IoC Lookup] Create the connector #3287

Checklist

• I consider the submitted work as finished
• I tested the code for its functionality using different use cases
• I added/update the relevant documentation (either on github or on notion)
• Where necessary I refactored code to improve the overall quality

Further comments

[Powlinett]

Hi @k1r10n , thank you for your PR and this new connector!

As I wrote in the comments, there is an issue with CONNECTOR_UPDATE_EXISTING_DATA env var:

• rst-threat-hub doesn't ingest anything as VALIDATION_ERROR is raised for each message
• rst-threat-feed ingests data and I didn't see any VALIDATION_ERROR so far (there are many MISSING_REFERENCE_ERROR but it's already the case on master, your fixes/updates are not responsible)
• I tested rst-ioc-lookup manually and in auto mode, it seems to working as intended in both ways

FIY, all my tests have been done by running connectors locally with env vars set in config.yml.

Could you fix the issue in the comments so we can merge your PR please? Thanks 😇

[k1r10n]

Hi @Powlinett, this PR has been open for a while. Please take a look and merge it when you have time.

[k1r10n]

Happy New Year! :)

Need commits to be signed

[helene-nguyen]

Could you please sign your commits ?

[helene-nguyen]

@k1r10n Thank you so much for your effort! All commits need to have verified signatures. Would you mind adding that when you get a chance? 😊

[helene-nguyen]

@k1r10n Sorry again, all commits need to have verified signatures and some haven't. Would you mind adding that ?

[helene-nguyen]

Thanks for your contribution ! Everything looks great on our end :)