This repository has been archived by the owner on Jun 17, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 20
Parsers
Scott Finlon edited this page May 31, 2019
·
3 revisions
token: 6d58e8dfddc6aba931684b0d15831719f562e89f1deed64494075df6efdbdd2b09ac797ddb65d51d
remote: 'https://external.cif.url/indicators'
defaults:
provider: 'external.cif.url'
feeds:
external-cif-everyone-ipv4:
filters:
groups: 'everyone'
itype: ipv4
If you want to mask the provider or change the group, set the defaults and then set which values you want to ingest from the external CIF instance. For example, if you wanted all data to be ingested locally with the provider tag of "external.cif.url" and be put in the "external" group, just set the defaults and don't include those values:
token: 6d58e8dfddc6aba931684b0d15831719f562e89f1deed64494075df6efdbdd2b09ac797ddb65d51d
remote: 'https://external.cif.url/indicators'
defaults:
provider: 'external.cif.url'
group: 'external'
feeds:
external-cif-everyone-ipv4:
filters:
groups: 'everyone'
itype: ipv4
values:
- tlp
- reporttime
- indicator
- firsttime
- lasttime
- count
- tags
- description
- confidence