2016-03-01 15:32:58 +01:00
|
|
|
# Your MISP's URL
|
|
|
|
url = ''
|
|
|
|
|
|
|
|
# The auth key to the MISP user that you wish to use. Make sure that the
|
|
|
|
# user has auth_key access
|
|
|
|
key = ''
|
|
|
|
|
|
|
|
# Should the certificate be validated?
|
|
|
|
ssl = False
|
|
|
|
|
|
|
|
# The output dir for the feed. This will drop a lot of files, so make
|
|
|
|
# sure that you use a directory dedicated to the feed
|
|
|
|
outputdir = 'output'
|
|
|
|
|
2020-01-02 20:01:07 +01:00
|
|
|
# Determine the number of entries to output
|
|
|
|
entries = 200
|
|
|
|
|
2016-03-01 15:32:58 +01:00
|
|
|
# The filters to be used for by the feed. You can use any filter that
|
|
|
|
# you can use on the event index, such as organisation, tags, etc.
|
|
|
|
# It uses the same joining and condition rules as the API parameters
|
|
|
|
# For example:
|
2018-01-11 11:58:50 +01:00
|
|
|
# filters = {'tag':'tlp:white|feed-export|!privint','org':'CIRCL', 'published':1}
|
|
|
|
# the above would generate a feed for all published events created by CIRCL,
|
|
|
|
# tagged tlp:white and/or feed-export but exclude anything tagged privint
|
2018-02-06 21:41:03 +01:00
|
|
|
filters = {'published':'true'}
|
2016-03-01 15:32:58 +01:00
|
|
|
|
2020-06-19 13:41:58 +02:00
|
|
|
# Include deleted attributes and objects in the events
|
|
|
|
include_deleted = False
|
2016-04-11 15:18:05 +02:00
|
|
|
|
|
|
|
# By default all attributes will be included in the feed generation
|
|
|
|
# Remove the levels that you do not wish to include in the feed
|
|
|
|
# Use this to further narrow down what gets exported, for example:
|
|
|
|
# Setting this to ['3', '5'] will exclude any attributes from the feed that
|
|
|
|
# are not exportable to all or inherit the event
|
|
|
|
#
|
|
|
|
# The levels are as follows:
|
|
|
|
# 0: Your Organisation Only
|
|
|
|
# 1: This Community Only
|
|
|
|
# 2: Connected Communities
|
|
|
|
# 3: All
|
|
|
|
# 4: Sharing Group
|
|
|
|
# 5: Inherit Event
|
|
|
|
valid_attribute_distribution_levels = ['0', '1', '2', '3', '4', '5']
|
|
|
|
|
2021-11-05 11:37:10 +01:00
|
|
|
|
|
|
|
# By default, all attribute passing the filtering rules will be exported.
|
|
|
|
# This setting can be used to filter out attributes being of the type `malaware-sample`.
|
|
|
|
# Warning: Keep in mind that if you propagate data (via synchronisation/feeds/...), recipients
|
|
|
|
# will not be able to get the malware samples back.
|
|
|
|
exclude_malware_samples = False
|