Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
This is some Perl code that leverages the CIF framework: http://code.google.com/p/collective-intelligence-framework/ Note: this was built around the CIF 0.01 release code. The code demonstrates using the original CIF framework code to pull and parse your various datafeeds (levering CIF .cfg files that you've built in /opt/cif/etc). However, I was interested in normalizing and storing the data in a different format than the default CIF IODEF texts that CIF uses. This code could also be extended to other databases, I stuck with Postgres since that's what CIF was already using. The CIF framework is awesome, however, depending on your usage of it there may be parts of the storage schema that are not ideal. For example, - The IODEF records and table indexing may be overkill / extra storage expense for your needs - CIF doesn't use the concept of first seen / last seen, so it will store entries repeatedly while they remain in datafeeds - You may want to do queries against the data where the original CIF schema is not ideal to your needs The storage schema that I'm using can be seen in the cif-lite.sql file. Supported CIF values: - address - malware_md5 - malware_sha1 - md5