MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

Update default-feeds.md

pull/2/head
Andras Iklody 2017-06-05 11:39:21 +02:00 committed by GitHub
parent ce05bd2577
commit 7cc4cdb7a9
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
_pages/default-feeds.md
View File

@ -6,15 +6,15 @@ toc: true
---
MISP includes a set of public OSINT feeds in its default configuration. The feeds can
be used as a source of correlation for all your events and attributes without the need to
import the feed into your system. The MISP feed system allows a fast correlation but also
a quick comparison of the feeds among the others.
be used as a source of correlations for all of your events and attributes without the need to
import them directly into your system. The MISP feed system allows for fast correlation but also
a for quick comparisons of the feeds against one another.
The feeds can be in three different formats:
- [MISP standardized format](https://github.com/MISP/misp-rfc/blob/master/misp-core-format/raw.md.txt) which is the preferred format to benefit from all the MISP functionalities.
- CSV format where you can select the values you want to be imported.
- freetext format which allows to use the automatic indicators/attributes detection from unstructured texts.
- CSV format, allowing you to pick the columns that are to be imported.
- freetext format which allows automatic ingestion and detection of indicator/attribute by parsing any unstructured text.
and located in different input transports:
@ -23,11 +23,11 @@ and located in different input transports:
## Default feeds available in MISP
The default feeds are described in a [simple JSON format](https://github.com/MISP/MISP/blob/2.4/app/files/feed-metadata/defaults.json). The default feeds, the current version of MISP, are the following:
The default feeds are described in a [simple JSON format](https://github.com/MISP/MISP/blob/2.4/app/files/feed-metadata/defaults.json). The default feeds and the current version of MISP are the following:
{% include feeds.md %}
To enable a feed in the caching, you just need to check the enabled field and the lookup visible to benefit automatically of the feeds in your local MISP instance.
To enable a feed for caching, you just need to check the enabled field to benefit automatically of the feeds in your local MISP instance. To allow other users of your MISP instance to benefit from this functionality, simply check the "lookup visible" checkbox.
## Feed overlap analysis matrix