Check IOC provided by a MISP instance on Suricata events

StamusNetworks/surimisp

Surimisp

Introduction

Surimisp is an indicator of compromise (IOC) checker for Suricata and MISP. It fetches an IOC list from MISP and checks it against Suricata events.

Installation

You can install the dependencies via

pip install -r requirements.txt

Then you can install via

python setup.py install

Usage

First edit surimisp.conf to add your MISP API key and adjust the address of your MISP instance.

You may also need to define one instance.

Then you can start surimisp via

surimisp -c surimisp.conf
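
The kind of check described in the introduction, as an added example that is not surimisp's own code: a hostname IOC set matched against Suricata EVE JSON events. The IOC values and EVE lines are constructed, and the choice of fields (dns.rrname, http.hostname, tls.sni) is an assumption; which fields surimisp itself inspects is not stated here.

```python
import json

# Constructed sample IOC list, standing in for hostnames exported from MISP.
SAMPLE_IOCS = {"bad.example.com", "c2.example.net"}
# Constructed Suricata EVE JSON lines (one event per line, as in eve.json).
SAMPLE_EVE = """\
{"timestamp":"2024-01-01T10:00:00.000000+0000","event_type":"dns","src_ip":"10.0.0.5","dns":{"type":"query","rrname":"BAD.example.com."}}
{"timestamp":"2024-01-01T10:00:01.000000+0000","event_type":"http","src_ip":"10.0.0.6","http":{"hostname":"www.example.org","url":"/"}}
{"timestamp":"2024-01-01T10:00:02.000000+0000","event_type":"tls","src_ip":"10.0.0.7","tls":{"sni":"c2.example.net"}}
{"timestamp":"2024-01-01T10:00:03.000000+0000","event_type":"flow","src_ip":"10.0.0.8"}
{"timestamp":"2024-01-01T10:00:04
"""

# EVE field carrying a hostname, per event type (assumed selection).
HOST_FIELDS = {"dns": ("dns", "rrname"), "http": ("http", "hostname"), "tls": ("tls", "sni")}

def normalize(host):
    """Lower-case and drop a trailing dot so set lookups are exact."""
    return host.strip().lower().rstrip(".")

def match_event(event, iocs):
    """Return the matched IOC for one parsed EVE event, or None."""
    path = HOST_FIELDS.get(event.get("event_type"))
    if path is None:
        return None
    section = event.get(path[0])
    value = section.get(path[1]) if isinstance(section, dict) else None
    if not isinstance(value, str):
        return None
    host = normalize(value)
    return host if host in iocs else None

def scan(lines, iocs):
    """Return (timestamp, src_ip, event_type, ioc) for each matching event."""
    iocs = {normalize(i) for i in iocs}
    hits = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # empty or partially written line, e.g. the tail of a live eve.json
        ioc = match_event(event, iocs) if isinstance(event, dict) else None
        if ioc:
            hits.append((event.get("timestamp"), event.get("src_ip"), event["event_type"], ioc))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVE.splitlines(), SAMPLE_IOCS):
        print(hit)
```

Matching here is exact on the normalized hostname, so a subdomain of a listed host is not reported.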
