PyMISP/examples/feed_generator_from_redis/settings.default.py

""" REDIS RELATED """
# Your redis server
host='127.0.0.1'
port=6379
db=0
## The keynames to POP element from
keyname_pop=['cowrie']

# OTHERS
## If key prefix not provided, data will be added as either object, attribute or sighting
fallback_MISP_type = 'object'
### How to handle the fallback
fallback_object_template_name = 'cowrie' # MISP-Object only
fallback_attribute_category = 'comment'  # MISP-Attribute only

## How frequent the event should be written on disk
flushing_interval=5*60
## The redis list keyname in which to put items that generated an error
keyname_error='feed-generation-error'

""" FEED GENERATOR CONFIGURATION """

# The output dir for the feed. This will drop a lot of files, so make
# sure that you use a directory dedicated to the feed
outputdir = 'output'

# Event meta data
## Required
### The organisation id that generated this feed
org_name='myOrg'
### Your organisation UUID
org_uuid=''
### The daily event name to be used in MISP.
### (e.g. honeypot_1, will produce each day an event of the form honeypot_1 dd-mm-yyyy)
daily_event_name='PyMISP default event name'

## Optional
analysis=0
threat_level_id=3
published=False
Tag=[
    {
        "colour": "#ffffff",
        "name": "tlp:white"
    },
    {
        "colour": "#ff00ff",
        "name": "my:custom:feed"
    }
]

# MISP Object constructor
from ObjectConstructor.CowrieMISPObject import CowrieMISPObject
from pymisp.tools import GenericObjectGenerator

constructor_dict = {
    'cowrie': CowrieMISPObject,
    'generic': GenericObjectGenerator
}

# Others
## Redis pooling time
sleep=60
Creation of the generator object which permit to easily add attributes and objects to daily events, stored as a MISP feed. Plus, script fromredis which pops queue element in redis to put them in the feed 2018-03-09 15:31:13 +01:00			`""" REDIS RELATED """`
Init draft of redis to feed 2018-03-08 12:01:35 +01:00			`# Your redis server`
			`host='127.0.0.1'`
			`port=6379`
			`db=0`
			`## The keynames to POP element from`
Overhall seems to work, need testing 2018-03-08 14:19:28 +01:00			`keyname_pop=['cowrie']`
Init draft of redis to feed 2018-03-08 12:01:35 +01:00
Creation of the generator object which permit to easily add attributes and objects to daily events, stored as a MISP feed. Plus, script fromredis which pops queue element in redis to put them in the feed 2018-03-09 15:31:13 +01:00			`# OTHERS`
new: [freedFromRedis] try to create an object/attribute out of the incoming data even if not added with the helper 2018-10-11 10:12:45 +02:00			`## If key prefix not provided, data will be added as either object, attribute or sighting`
			`fallback_MISP_type = 'object'`
			`### How to handle the fallback`
			`fallback_object_template_name = 'cowrie' # MISP-Object only`
			`fallback_attribute_category = 'comment' # MISP-Attribute only`

Creation of the generator object which permit to easily add attributes and objects to daily events, stored as a MISP feed. Plus, script fromredis which pops queue element in redis to put them in the feed 2018-03-09 15:31:13 +01:00			`## How frequent the event should be written on disk`
			`flushing_interval=5*60`
			`## The redis list keyname in which to put items that generated an error`
			`keyname_error='feed-generation-error'`

			`""" FEED GENERATOR CONFIGURATION """`

Init draft of redis to feed 2018-03-08 12:01:35 +01:00			`# The output dir for the feed. This will drop a lot of files, so make`
			`# sure that you use a directory dedicated to the feed`
			`outputdir = 'output'`

			`# Event meta data`
			`## Required`
			`### The organisation id that generated this feed`
			`org_name='myOrg'`
			`### Your organisation UUID`
			`org_uuid=''`
feature: Added support of MISP object constructor instead of the generic_generator 2018-03-12 15:17:25 +01:00			`### The daily event name to be used in MISP.`
Creation of the generator object which permit to easily add attributes and objects to daily events, stored as a MISP feed. Plus, script fromredis which pops queue element in redis to put them in the feed 2018-03-09 15:31:13 +01:00			`### (e.g. honeypot_1, will produce each day an event of the form honeypot_1 dd-mm-yyyy)`
Init draft of redis to feed 2018-03-08 12:01:35 +01:00			`daily_event_name='PyMISP default event name'`

			`## Optional`
			`analysis=0`
			`threat_level_id=3`
			`published=False`
Creation of the generator object which permit to easily add attributes and objects to daily events, stored as a MISP feed. Plus, script fromredis which pops queue element in redis to put them in the feed 2018-03-09 15:31:13 +01:00			`Tag=[`
			`{`
Init draft of redis to feed 2018-03-08 12:01:35 +01:00			`"colour": "#ffffff",`
			`"name": "tlp:white"`
Added support of MISP Object 2018-03-08 17:33:39 +01:00			`},`
Creation of the generator object which permit to easily add attributes and objects to daily events, stored as a MISP feed. Plus, script fromredis which pops queue element in redis to put them in the feed 2018-03-09 15:31:13 +01:00			`{`
Added support of MISP Object 2018-03-08 17:33:39 +01:00			`"colour": "#ff00ff",`
			`"name": "my:custom:feed"`
Creation of the generator object which permit to easily add attributes and objects to daily events, stored as a MISP feed. Plus, script fromredis which pops queue element in redis to put them in the feed 2018-03-09 15:31:13 +01:00			`}`
			`]`
Init draft of redis to feed 2018-03-08 12:01:35 +01:00
feature: Added support of MISP object constructor instead of the generic_generator 2018-03-12 15:17:25 +01:00			`# MISP Object constructor`
Moved object constructor into their own folder 2018-03-12 15:22:58 +01:00			`from ObjectConstructor.CowrieMISPObject import CowrieMISPObject`
feature: Added support of MISP object constructor instead of the generic_generator 2018-03-12 15:17:25 +01:00			`from pymisp.tools import GenericObjectGenerator`

			`constructor_dict = {`
			`'cowrie': CowrieMISPObject,`
			`'generic': GenericObjectGenerator`
			`}`

Init draft of redis to feed 2018-03-08 12:01:35 +01:00			`# Others`
			`## Redis pooling time`
Added support of MISP Object 2018-03-08 17:33:39 +01:00			`sleep=60`