MISP Analyzer #14

Closed
saadkadhi opened this issue Feb 18, 2017 · 3 comments
Labels
scope:analyzer Issue is analyzer related

@saadkadhi
Contributor

Request Type

Analyzer Request

Work Environment

NA

Analyzer Description

Create an analyzer that can query one or several MISP instances.

The analyzer must be able to ingest observables, query MISP instances and provide the number of events where the observable can be found as a short report. The long analyzer report should contain useful metadata about the associated events if any and hyperlinks to access them.

Additional Information

TheHive should be able to preview and import the events of interest once this analyzer is executed.
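
A sketch of the report logic requested above, as an added example that is not code from this issue or from the Cortex-Analyzers project. It assumes each instance's event search has already been fetched and parsed as `{"response": [{"Event": {...}}]}` and that events are viewable at `/events/view/<id>`; `build_reports`, the sample data and the choice to count an event synced to several instances once (by UUID) are assumptions of this example.

```python
def build_reports(observable, responses):
    """Build (short, long) reports for one observable.

    responses maps a MISP base URL to that instance's parsed event-search
    JSON. Events are keyed by UUID so a synced copy is counted once.
    """
    events = {}
    for base_url, body in responses.items():
        for item in body.get("response", []):
            ev = item.get("Event", {})
            uuid, event_id = ev.get("uuid"), ev.get("id")
            if not uuid or not event_id:
                continue  # skip malformed entries rather than emit a broken link
            entry = events.setdefault(uuid, {
                "uuid": uuid,
                "info": ev.get("info", ""),
                "date": ev.get("date", ""),
                "org": (ev.get("Orgc") or {}).get("name", ""),
                "tags": sorted(t["name"] for t in ev.get("Tag", []) if "name" in t),
                "links": [],
            })
            # One hyperlink per instance that holds the event.
            entry["links"].append(f"{base_url.rstrip('/')}/events/view/{event_id}")
    short = {"observable": observable, "event_count": len(events)}
    long = {"observable": observable, "events": list(events.values())}
    return short, long


# Constructed sample: two instances, one event present on both.
SHARED = "5a0d1c2e-0000-4000-8000-000000000001"
SAMPLE = {
    "https://misp-a.example/": {"response": [
        {"Event": {"id": "12", "uuid": SHARED, "info": "Phishing wave",
                   "date": "2017-02-10", "Orgc": {"name": "ORG-A"},
                   "Tag": [{"name": "tlp:amber"}]}},
        {"Event": {"id": "31", "uuid": "5a0d1c2e-0000-4000-8000-000000000002",
                   "info": "Dropper C2", "date": "2017-02-14",
                   "Orgc": {"name": "ORG-A"}}},
    ]},
    "https://misp-b.example": {"response": [
        {"Event": {"id": "7", "uuid": SHARED, "info": "Phishing wave",
                   "date": "2017-02-10", "Orgc": {"name": "ORG-A"}}},
    ]},
}

if __name__ == "__main__":
    short, long = build_reports("198.51.100.23", SAMPLE)
    print(short)
    for e in long["events"]:
        print(e["info"], e["links"])
```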

@saadkadhi
Contributor Author

@3c7 proposed to provide this analyzer.

@saadkadhi
Contributor Author

@3c7 If you haven't started working on this analyzer, please drop it as @ant1 created one already and we are currently reviewing it. But if it's too late, that is just fine. We'll consider your pull request and compare both analyzers to add any useful features @ant1 might have missed. Sorry for any inconvenience.

@3c7
Contributor

3c7 commented Mar 23, 2017

@saadkadhi It's already in use here. ;) I will upload all of my analyzers to our repo then we're able to choose what to include in this one. :)

nadouani pushed a commit that referenced this issue Mar 23, 2017
nadouani added a commit that referenced this issue Mar 23, 2017
nadouani added a commit that referenced this issue Mar 24, 2017
@nadouani nadouani modified the milestone: 1.2.0 Apr 21, 2017
jeromeleonard added a commit that referenced this issue Jun 8, 2017
To-om pushed a commit that referenced this issue Apr 17, 2019
viviandsilva pushed a commit to viviandsilva/Cortex-Analyzers that referenced this issue Sep 2, 2021
* add IDS detection information

* report alerts

* return 'No alerts available' when that is the case

* only add alerts if they are available

* return ids_detections only if available

Co-authored-by: Dan Prantl <[email protected]>