Contents Menu Expand Light mode Dark mode Auto light/dark, in light mode Auto light/dark, in dark mode Skip to content
Documentations
Logo
Documentations
  • Homepage
  • Overview
  • License
  • Download IDSTower
  • Quick installation
  • Changelog
  • Support
  • Installation
    • Requirements
    • Running IDSTower using Docker
    • Installation on CentOS Stream 9
    • Installation on Rocky Linux 8
    • Installation on Rocky Linux 9
    • Installation on AlmaLinux 8
    • Installation on AlmaLinux 9
    • Installation on Oracle Linux 8
    • Installation on Oracle Linux 9
    • Installation on RHEL 8
    • Installation on RHEL 9
    • Installation on AWS Amazon Linux 2023
    • Installation on Debian 11 (Bullseye)
    • Installation on Debian 12 (Bookworm)
    • Installation on Ubuntu 18.04 (Bionic)
    • Installation on Ubuntu 20.04 (Focal)
    • Installation on Ubuntu 22.04 (Jammy Jellyfish)
    • Installation on Ubuntu 24.04 (Noble Numbat)
    • Installation on CentOS 7/RHEL 7 (EOL)
    • Installation on CentOS 8/RHEL 8 (EOL)
    • Installation on CentOS Stream 8
    • Installation on AWS Amazon Linux 2
    • Installation on Debian 10.8 (Buster)
    • Installation on Ubuntu 23.10 (Mantic Minotaur)
  • Your first Cluster
    • Login to IDSTower
    • Set Cluster Settings
    • Set Suricata Settings
    • Set Logshipper (Filebeat) Settings
    • Start IDS Service
    • Import Detection Rules
    • Import Indicators of compromise
    • Summary
  • Cluster Management
    • Cluster Summary Tab
    • Cluster Configs Tab
    • Cluster Hosts Tab
  • Configuration Profiles
    • Suricata Configuration Profiles
      • Suricata “IDS” Profile
      • Suricata “IDS + NSM” Profile
    • Filebeat Configuration Profiles
      • Sending events to ElasticSearch
      • Sending events to Logstash
  • Rules Management
    • Rules Life Cycle
    • IDS Rules Management Interface
    • Rules Transformation Options
    • IDS Rules Editor Interface
  • Importing Threat Intelligence Feeds
    • TAXII/STIX Feeds
    • MISP Feeds (MISP events Exported as json files)
    • MISP API
    • Generic Text feeds
    • Generic CSV feeds
    • Generic json feeds
  • Exporting Rules & IOCs
    • Adding IDS Rules Export
    • Adding IOCs Export
  • IDSTower Connectors
    • AWS Network Firewall Connector
      • Creating The AWS credentials
      • Adding AWS Connector Export Credentials to IDSTower
      • Configuring IDS Rules & IOCs Export to AWS Network Firewall
      • Exporting IDS Rules & IOCs Export to AWS Network Firewall
  • Advanced
    • Configuring https on IDSTower
    • Configuring custom http port for IDSTower
    • Configuring the Built-In Packages repository
    • Configuring the User-Custom Packages repository
    • REST API Interface
  • Upgrade Guides
    • Upgrade Guide from v2.8.0 to v2.8.1
    • Upgrade Guide from v2.7.x to v2.8.0
    • Upgrade Guide from v2.7.1 to v2.7.2
    • Upgrade Guide from v2.7.0 to v2.7.1
    • Upgrade Guide from v2.6.0 to v2.7.0
    • Upgrade Guide from v2.5.x to v2.6.0
    • Upgrade Guide from v2.5.2 to v2.5.3
    • Upgrade Guide from v2.5.1 to v2.5.2
    • Upgrade Guide from v2.5.0 to v2.5.1
    • Upgrade Guide from v2.4.x to v2.5.0
    • Upgrade Guide from v2.4.0 to v2.4.1
    • Upgrade Guide from v2.3.x to v2.4.0
    • Upgrade Guide from v2.3.0 to v2.3.1
    • Upgrade Guide from v2.2.0 to v2.3.0
    • Upgrade Guide from v2.1.0 to v2.2.0
    • Upgrade Guide from v1.0.x to v2.0.0
Back to top

Importing Threat Intelligence Feeds¶

In addition to the growing list of the pre-integrated Threat Intelligence Feeds that IDSTower support, it also support adding custom Threat Intelligence Feeds that uses both industry standard formats and generic formats.

Currently, the following feeds formats are supported:

  • TAXII/STIX Feeds

  • MISP Feeds (MISP events Exported as json files)

  • MISP API

  • Generic Text feeds

  • Generic CSV feeds

  • Generic json feeds

Next
TAXII/STIX Feeds
Previous
IDS Rules Editor Interface
Copyright © 2020-2024, IDSTower
Made with Furo