MISP
/
mail_to_misp
mirror of https://github.com/MISP/mail_to_misp
2
0
Fork 0
Code Issues Releases Wiki Activity

described new feature (--urlsonly, --event)

pull/38/head
Sascha Rommelfangen 2019-07-22 14:47:41 +02:00 committed by GitHub
parent 5347325d8b
commit 9906c05298
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -40,6 +40,14 @@ If you send a mail to mail_to_misp containing: `key:ABCDEFGHIJKLMN0PQRSTUVWXYZ`
If you don't want to use this feature, just don't put it in the message body. If you don't want to use this feature, just don't put it in the message body.
The distribution is defined in the configuration as well: `m2m_auto_distribution = '3' # 3 = All communities` The distribution is defined in the configuration as well: `m2m_auto_distribution = '3' # 3 = All communities`
For OSINT collection purposes (like collecting URLs to OSINT reports), you can tell `mail_to_misp` to only extract URLs (`--urlsonly`) and append them to a predefined MISP event (`--event N`). The subject of such a mail goes into the comment field of the value.
Example:
```
osinturlcollection: "|/path/to/mail_to_misp.py --urlsonly --event 12345 -"
```
# Pass parameters in the email body # Pass parameters in the email body
``` ```
@ -194,5 +202,5 @@ pipenv install
This software is licensed under [GNU Affero General Public License version 3](http://www.gnu.org/licenses/agpl-3.0.html) This software is licensed under [GNU Affero General Public License version 3](http://www.gnu.org/licenses/agpl-3.0.html)
* Copyright (C) 2017, 2018 Sascha Rommelfangen, Raphaël Vinot * Copyright (C) 2017 - 2019 Sascha Rommelfangen, Raphaël Vinot
* Copyright (C) 2017, 2018 CIRCL - Computer Incident Response Center Luxembourg * Copyright (C) 2017 - 2019 CIRCL - Computer Incident Response Center Luxembourg