Skip to content
/ avotx Public
forked from tarxvf/avotx

AlienVault Open Threat Exchange App For Splunk

0 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

femaven/avotx

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
bin
bin
 
 
default
default
 
 
local
local
 
 
metadata
metadata
 
 
README.md
README.md
 
 

Repository files navigation

This connects to AlienVault and accesses the Open Threat eXchange for import into splunk

it reconnects every two minutes, and pulls in the data

sourcetype="avotx.log" "avotx_poller_rev=1.1”

you can rewind its input by setting the avotx_poller.cfg:revision = 0

enjoy!

Femaven's ideas: DNS update poller to pull in suspicious DNS records from OTX Pull in DNS queries for correlation Dashboards for both IP and DNS Incorporating CIM

About

AlienVault Open Threat Exchange App For Splunk

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 97.5%
  • Shell 2.5%