-
Notifications
You must be signed in to change notification settings - Fork 35
What is taxii_endpoint for stix-import? #14
Comments
Hi! You want to point it at the root endpoint (remove the /poll portion) |
Let me know if you have any other questions. |
Like I have services |
In this case it would be "/services". |
Now when I run the script and specify the my open-taxii Server ip it throws.
This was my script While in case when I specify the hailataxii.com it works fine. |
It looks like the way this is structured won't work with OpenTaxii without me making some changes. I will try to do an update today. As a reminder as well, as of QRadar 7.2.6 this script is deprecated; the suggested course is to use the supported Threat Intelligence application (located here https://exchange.xforce.ibmcloud.com/hub/extension/IBMQRadar:ThreatIntelligence). Since this application uses TAXII discover, it would not have this issue. |
Ok my end goal is to integrate the taxii server with Threat Intelligence app. |
Hi Waseem - in the Threat Intelligence app the endpoint should point at your discovery service. The app will then perform a discovery and ask you what to poll. If you are getting a Bad Gateway message it could mean any number of things including a self-signed certificates (the app requires fully valid certificates for an SSL connection. You should open a PMR with IBM Support if you are having issues with this app. |
Please open a PMR with IBM Support to troubleshoot this application. |
I have a taxii server which have services
discovery
,collection-management
,poll
andinbox
.Now what is endpoint service is it discovery or collection or poll ?
The text was updated successfully, but these errors were encountered: