Skip to content
Check IOC provided by a MISP instance on Suricata events
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE project is GPLv3 Sep 25, 2018
README.rst add a basic README Jun 3, 2019
requirements.txt relax constraints in requirements.txt Dec 30, 2018
setup.py use setuptools Sep 25, 2018
surimisp implement config file option Jun 3, 2019
surimisp.conf conf: add basedir Jun 4, 2019

README.rst

Surimisp

Introduction

Surimisp is an indicator of compromise checker for Suricata and MISP. It fetches IOC list from MISP and check them against Suricata events.

Installation

You can install dependcies via

pip install -r requirements.txt

Then you can install via

python setup.py install

Usage

First edit surimisp.conf to add your MISP API key and adjust address of your MISP instance.

You may also need to setup define one instance.

Then you can start surimisp via

surimisp -c surimisp.conf
You can’t perform that action at this time.