Skip to content

MISP#

MISP#

Author: Nils Kuhnert, CERT-Bund
License: AGPL-V3
Version: 2.1
Supported observables types:
- domain
- ip
- url
- fqdn
- uri_path
- user-agent
- hash
- mail
- mail_subject
- registry
- regexp
- other
- filename
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description#

Query multiple MISP instances for events containing an observable.

Configuration#

name Name of MISP servers
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values True
Is required False
url URL of MISP servers
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values True
Is required True
key API key for each server
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values True
Is required True
cert_check Verify server certificate
Default value if not configured N/A
Type of the configuration item boolean
The configuration item can contain multiple values False
Is required True
cert_path Path to the CA on the system used to check server certificate
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values True
Is required False

Templates samples for TheHive#

No template samples to display.


Last update: October 16, 2020 10:16:04