CERN-CERT/pdnssoc-cli

pdnssoc-cli

Correlate dnstap files with MISP threat intelligence.

This tool parses JSON and compressed files created by go-dnscollector.

Installation

pdnssoc-cli can be fetched from the following sources:

PyPI

pip install pdnssoc-cli

Configuration

Configuration is provided as a YAML file passed with the --config flag. An example configuration file can be found here.

If the --config flag is not given, the default file /etc/pdnssoc-cli/config.yml is used.

Usage

Usage: python -m pdnssoccli.pdnssoccli [OPTIONS] COMMAND [ARGS]...

Options:
  -c, --config FILE  Read option defaults from the specified yaml file
                     [default: /etc/pdnssoc-cli/config.yml]
  --help             Show this message and exit.

Commands:
  alert       Raise alerts for spotted incidents
  correlate   Correlate input files and output matches
  daemonize   Run in daemonized mode according to configuration
  fetch-iocs  Fetch IOCs from intelligence sources
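
An added example, not code from pdnssoc-cli, illustrating the kind of correlation described at the top of this README: gzip-compressed JSON lines are matched against domain and IP indicators. The record field names (modelled on go-dnscollector's JSON output), the use of gzip, the IOC values and all function names are assumptions.

```python
import gzip
import io
import json

# Constructed stand-ins for domain and IP attributes fetched from MISP.
IOC_DOMAINS = {"bad.example"}
IOC_IPS = {"203.0.113.7"}
# Constructed records; field names are an assumption modelled on go-dnscollector JSON.
SAMPLE = [
    {"dnstap": {"timestamp-rfc3339ns": "2024-01-01T10:00:00Z"}, "network": {"query-ip": "10.0.0.5"},
     "dns": {"qname": "CDN.bad.example.", "resource-records": {"an": []}}},
    {"dnstap": {"timestamp-rfc3339ns": "2024-01-01T10:00:01Z"}, "network": {"query-ip": "10.0.0.6"},
     "dns": {"qname": "notbad.example", "resource-records": {"an": []}}},
    {"dnstap": {"timestamp-rfc3339ns": "2024-01-01T10:00:02Z"}, "network": {"query-ip": "10.0.0.7"},
     "dns": {"qname": "files.example", "resource-records": {"an": [{"rdata": "203.0.113.7"}]}}},
]
# The same records as a gzip-compressed JSON-lines capture, plus one truncated line.
SAMPLE_GZIP = gzip.compress(
    ("\n".join(json.dumps(r) for r in SAMPLE) + '\n{"dns": {"qname": "bad.exa').encode())


def parent_ioc(qname, iocs):
    """Return the IOC equal to qname or to one of its parent domains, else None."""
    labels = qname.lower().rstrip(".").split(".")
    return next((d for d in (".".join(labels[i:]) for i in range(len(labels))) if d in iocs), None)


def correlate(lines, domains=IOC_DOMAINS, ips=IOC_IPS):
    """Return one match dict per JSON line whose qname or answer rdata hits an IOC."""
    matches = []
    for line in lines:
        try:
            rec = json.loads(line)
            dns = rec.get("dns") or {}
        except (json.JSONDecodeError, AttributeError):
            continue  # skip blank, truncated or non-object lines instead of aborting
        answers = (dns.get("resource-records") or {}).get("an") or []
        hit = parent_ioc(dns.get("qname") or "", domains) or next(
            (a["rdata"] for a in answers if a.get("rdata") in ips), None)
        if hit:
            matches.append({"ioc": hit, "qname": dns.get("qname"),
                            "client": (rec.get("network") or {}).get("query-ip"),
                            "time": (rec.get("dnstap") or {}).get("timestamp-rfc3339ns")})
    return matches


def correlate_gzip(blob):
    """Correlate a gzip-compressed JSON-lines capture held in memory."""
    with gzip.open(io.BytesIO(blob), "rt", encoding="utf-8") as fh:
        return correlate(fh)
```

Matching on whole labels means notbad.example does not hit the bad.example indicator, while CDN.bad.example. does; the third record matches only through the IP address in its answer section.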