TAXII Log Adapter
Traditional SIEMs currently do not provide enough support to ingest threat information provided by TAXII services. The main goal of this project is to enable data transfer from TAXII services to SIEMs or other systems.
SIEMS are good at ingesting logs and/or events from different sources. This project is able to provide such source by getting the data from a TAXII service and converting it to any predefined target format. The formats currently supported are JSON and Common Event Format (CEF), the format can be easily customized.
This project currently supports only TAXII poll services.