mirror of https://github.com/MISP/mail_to_misp
Merge pull request #60 from SteveClement/main
commit
c4274d7aa0
|
@ -76,6 +76,7 @@ class Mail2MISP():
|
||||||
self.misp_event.distribution = self.config.default_distribution
|
self.misp_event.distribution = self.config.default_distribution
|
||||||
self.misp_event.threat_level_id = self.config.default_threat_level
|
self.misp_event.threat_level_id = self.config.default_threat_level
|
||||||
self.misp_event.analysis = self.config.default_analysis
|
self.misp_event.analysis = self.config.default_analysis
|
||||||
|
self.misp_event.add_tag(self.config.id_tag)
|
||||||
|
|
||||||
def sighting(self, value, source):
|
def sighting(self, value, source):
|
||||||
if self.offline:
|
if self.offline:
|
||||||
|
|
|
@ -6,8 +6,9 @@ misp_key = 'YOUR_KEY_HERE' # The MISP auth key can be found on the MISP web int
|
||||||
misp_verifycert = True
|
misp_verifycert = True
|
||||||
spamtrap = False
|
spamtrap = False
|
||||||
default_distribution = 0
|
default_distribution = 0
|
||||||
default_threat_level = 3
|
default_threat_level = 4
|
||||||
default_analysis = 1
|
default_analysis = 1
|
||||||
|
id_tag = 'host:m2m:tld'
|
||||||
freetext = False
|
freetext = False
|
||||||
|
|
||||||
body_config_prefix = 'm2m' # every line in the body starting with this value will be skipped from the IOCs
|
body_config_prefix = 'm2m' # every line in the body starting with this value will be skipped from the IOCs
|
||||||
|
|
Loading…
Reference in New Issue