MISP
/
misp-book
mirror of https://github.com/MISP/misp-book
2
0
Fork 0
Code Issues Releases Wiki Activity

update of taxonomy's part+ add machinetag.py

pull/25/head
hibouu 2016-08-19 00:14:20 +02:00
parent a0a40c90fc
commit a82d6afa7d
1 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
taxonomy/README.md
View File

@ -135,6 +135,29 @@ Once you are happy with your file go to MISP Web GUI taxonomies/index and update
### Filtering the distribution of events among MISP instances ### Filtering the distribution of events among MISP instances
Applying rules for distribution based on tags: Applying rules for distribution based on tags:
### MISP Taxonomies - tools
[machinetag.py](https://github.com/MISP/misp-taxonomies/blob/master/tools/machinetag.py) is a parsing tool to dump taxonomies expressed in Machine Tags (Triple Tags) and list all valid tags from a specific taxonomy.
~~~~shell
% cd tools
% python machinetag.py
admiralty-scale:source-reliability="a"
admiralty-scale:source-reliability="b"
admiralty-scale:source-reliability="c"
admiralty-scale:source-reliability="d"
admiralty-scale:source-reliability="e"
admiralty-scale:source-reliability="f"
admiralty-scale:information-credibility="1"
admiralty-scale:information-credibility="2"
admiralty-scale:information-credibility="3"
admiralty-scale:information-credibility="4"
admiralty-scale:information-credibility="5"
admiralty-scale:information-credibility="6"
...
~~~~
### Other use cases using MISP taxonomies ### Other use cases using MISP taxonomies
Tags can be used to set events for further processing by external tools (e.g. VirusTotal auto-expansion using Viper). Tags can be used to set events for further processing by external tools (e.g. VirusTotal auto-expansion using Viper).