diff --git a/managing-feeds/README.md b/managing-feeds/README.md index 80cfc2e..59bc286 100644 --- a/managing-feeds/README.md +++ b/managing-feeds/README.md @@ -31,16 +31,16 @@ Here you will have access to a dynamic form. Let's check each field by order. * Url: Url of the feed, where it is located -* The Source Format can be: +* The Source Format can be: ![Source Format](./figures/sourceformat.png) * MISP Feed: The source points to a list of json formated like MISP events. Example: https://www.circl.lu/doc/misp/feed-osint - * Freetext Parsed Feed: + * Freetext Parsed Feed: ![Freetext Parsed Feed](./figures/freetextparsedfeed.png) * Target Event: Which will be the event getting updated with the data from the feed. * New Event Each Pull: A new event will be created each time the feed is pulled - * Fixed Event: A unique event will be updated with the new data. This event is determined by the next field + * Fixed Event: A unique event will be updated with the new data. This event is determined by the next field ![Target Event](./figures/targetevent.png) * Target Event ID: The id of the event where the data will be added (if not set, the field will be set the first time the feed is fetched) * Exclusion Regex: Add a regex pattern for detecting iocs that should be skipped (this can be useful to exclude any references to the actual report / feed for example) @@ -48,7 +48,7 @@ Here you will have access to a dynamic form. Let's check each field by order. * Override IDS Flag: If checked, the IDS flag will be set to false * Delta Merge: If checked, only data coming from the last fetch are kept, the old ones are deleted. - * Simple CSV Parsed Feed: + * Simple CSV Parsed Feed: ![Simple CSV Parsed Feed](./figures/simplecsvparsedfeed.png) * Target Event: Which will be the event getting updated with the data from the feed. * New Event Each Pull: A new event will be created each time the feed is pulled @@ -65,12 +65,12 @@ Here you will have access to a dynamic form. Let's check each field by order. * Default Tag: A default tag can be added to the created event(s) -* Filter rules: Here you can define which tags or organisations are allowed or blocked. +* Filter rules: Here you can define which tags or organisations are allowed or blocked. ![Filter rules](./figures/filterrules.png) -To add a tag (resp. organisation), first type it into the top middle (resp. bottom middle) text field . Then use the arrows that point to the outside to add it to the allowed or blocked tags (resp. organisations) list. -![Add Filter rules](./figures/addfilterrules.png) +To add a tag (resp. organisation), first type it into the top middle (resp. bottom middle) text field . Then use the arrows that point to the outside to add it to the allowed or blocked tags (resp. organisations) list. +![Add Filter rules](./figures/addfilterrules.png) ![Add Filter rules](./figures/addfilterrules2.png) -To remove a tag (resp. organisation), select it in the list and click on the arrow pointing to the inside. -![Remove Filter rules](./figures/removefilterrules.png) +To remove a tag (resp. organisation), select it in the list and click on the arrow pointing to the inside. +![Remove Filter rules](./figures/removefilterrules.png) ![Remove Filter rules](./figures/removefilterrules2.png)