Created
March 1, 2023 00:39
-
-
Save bryaneaton/0f1b07542918de3cf1ef21a31ac1d1d5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AlienVault CLI | |
| This CLI is provided to ingest pulses from [AlienVault](https://otx.alienvault.com/). The RegScale CLI tool will convert this data feed into threats for use within the RegScale platform. It is commonly used to support Threat-Hunting and Threat-Based Risk Modeling for RegScale customers. | |
| ### Init.yaml Configuration | |
| There is one required variable that will configure the AlienVault integration. The AlienVault user API key will allow pulses to pull from all subscribed feeds within AlienVault and into the RegScale platform. | |
| - `otx` - enter AlienVault API key here | |
| ### AlienVault Integration Workflow | |
| AlienVault pulses can be ingested with the CLI tool. Below are some example commands: | |
| - `regscale alienvault ingest_pulses` - The CLI will insert all pulses from AlienVault to RegScale threats. | |
| - `regscale alienvault ingest_pulses --limit 25 --modified_since '2023-01-01 23:00:00'` - The CLI will find pulses from AlienVault modified since 01/01/2023 23:00:00 local time and the feed will pull 25 pulses per request (The CLI will request as many times as necessary to pull all the available data). | |
| AlienVault CLI | |
| This CLI is provided to ingest pulses from AlienVault. The RegScale CLI tool will convert this data feed into threats for use within the RegScale platform. It is commonly used to support Threat-Hunting and Threat-Based Risk Modeling for RegScale customers. | |
| Init.yaml Configuration | |
| There is one required variable that will configure the AlienVault integration. The AlienVault user API key will allow pulses to pull from all subscribed feeds within AlienVault and into the RegScale platform. | |
| otx - enter AlienVault API key here | |
| AlienVault Integration Workflow | |
| AlienVault pulses can be ingested with the CLI tool. Below are some example commands: | |
| regscale alienvault ingest_pulses - The CLI will insert all pulses from AlienVault to RegScale threats. | |
| regscale alienvault ingest_pulses --limit 25 --modified_since '2023-01-01 23:00:00' - The CLI will find pulses from AlienVault modified since 01/01/2023 23:00:00 local time and the feed will pull 25 pulses per request (The CLI will request as many times as necessary to pull all the available data). | |
| Markdown selection 1129 bytes 167 words 14 lines Ln 15, Col 305HTML 902 characters 161 words 9 paragraphs |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment