66 lines
1.7 KiB
Python
Executable File
66 lines
1.7 KiB
Python
Executable File
""" REDIS RELATED """
|
|
# Your redis server
|
|
host='127.0.0.1'
|
|
port=6385
|
|
db=3
|
|
## The keynames to POP element from
|
|
keyname_pop=['authf']
|
|
|
|
# OTHERS
|
|
## If key prefix not provided, data will be added as either object, attribute or sighting
|
|
fallback_MISP_type = 'object'
|
|
### How to handle the fallback
|
|
fallback_object_template_name = 'generic' # MISP-Object only
|
|
fallback_attribute_category = 'comment' # MISP-Attribute only
|
|
|
|
## How frequent the event should be written on disk
|
|
#flushing_interval=5*60
|
|
flushing_interval=15
|
|
## The redis list keyname in which to put items that generated an error
|
|
keyname_error='feed-generation-error'
|
|
|
|
""" FEED GENERATOR CONFIGURATION """
|
|
|
|
# The output dir for the feed. This will drop a lot of files, so make
|
|
# sure that you use a directory dedicated to the feed
|
|
outputdir = 'output'
|
|
|
|
# Event meta data
|
|
## Required
|
|
### The organisation id that generated this feed
|
|
org_name='myOrg'
|
|
### Your organisation UUID
|
|
org_uuid=''
|
|
### The daily event name to be used in MISP.
|
|
### (e.g. honeypot_1, will produce each day an event of the form honeypot_1 dd-mm-yyyy)
|
|
daily_event_name='PyMISP default event name'
|
|
|
|
## Optional
|
|
analysis=0
|
|
threat_level_id=3
|
|
published=False
|
|
Tag=[
|
|
{
|
|
"colour": "#ffffff",
|
|
"name": "tlp:white"
|
|
},
|
|
{
|
|
"colour": "#ff00ff",
|
|
"name": "my:custom:feed"
|
|
}
|
|
]
|
|
|
|
# MISP Object constructor
|
|
from ObjectConstructor.AuthFailureMISPObject import AuthFailureMISPObject
|
|
#from pymisp.pymisp.tools import GenericObjectGenerator
|
|
from pymisp.tools import GenericObjectGenerator
|
|
|
|
constructor_dict = {
|
|
'authentication-failure-report': AuthFailureMISPObject,
|
|
'generic': GenericObjectGenerator
|
|
}
|
|
|
|
# Others
|
|
## Redis pooling time
|
|
sleep=60
|