Contents Menu Expand Light mode Dark mode Auto light/dark mode
Documentations
Logo
Documentations
  • Homepage
  • Overview
  • License
  • Download IDSTower
  • Quick installation
  • Changelog
  • Support
  • Installation
    • Requirements
    • Installation on CentOS 7/RHEL 7
    • Installation on CentOS Stream 8/RHEL Stream 8 Stream
    • Installation on Ubuntu 18 (Bionic)
    • Installation on Ubuntu 20 (Focal)
    • Installation on Ubuntu 22 (Jammy Jellyfish)
    • Installation on AWS Amazon Linux 2
    • Installation on CentOS 8/RHEL 8 (EOL)
  • Your first Cluster
    • Login to IDSTower
    • Set Cluster Settings
    • Set Suricata Settings
    • Set Logshipper (Filebeat) Settings
    • Start IDS Service
    • Import Detection Rules
    • Import Indicators of compromise
    • Summary
  • Cluster Management
    • Cluster Summary Tab
    • Cluster Configs Tab
    • Cluster Hosts Tab
  • Rules Management
    • Rules Life Cycle
    • IDS Rules Management Interface
    • IDS Rules Editor Interface
  • Configuration Profiles
    • Suricata Configuration Profiles
      • Suricata “IDS” Profile
      • Suricata “IDS + NSM” Profile
    • Filebeat Configuration Profiles
      • Sending events to ElasticSearch
      • Sending events to Logstash
  • Importing Threat Intelligence Feeds
    • TAXII/STIX Feeds
    • MISP Feeds (MISP events Exported as json files)
    • MISP API
    • Generic Text feeds
    • Generic CSV feeds
    • Generic json feeds
  • IDSTower Connectors
    • AWS Network Firewall Connector
      • Creating The AWS credentials
      • Adding AWS Connector Export Credentials to IDSTower
      • Configuring IDS Rules & IOCs Export to AWS Network Firewall
      • Exporting IDS Rules & IOCs Export to AWS Network Firewall
  • Advanced
    • Configuring https on IDSTower
    • Configuring the Built-In Packages repository
    • Configuring the User-Custom Packages repository
  • Upgrade Guides
    • Upgrade Guide from v2.4.0 to v2.4.1
    • Upgrade Guide from v2.3.x to v2.4.0
    • Upgrade Guide from v2.3.0 to v2.3.1
    • Upgrade Guide from v2.2.0 to v2.3.0
    • Upgrade Guide from v2.1.0 to v2.2.0
    • Upgrade Guide from v1.0.x to v2.0.0
Back to top

Importing Threat Intelligence Feeds#

In addition to the growing list of the pre-integrated Threat Intelligence Feeds that IDSTower support, it also support adding custom Threat Intelligence Feeds that uses both industry standard formats and generic formats.

Currently, the following feeds formats are supported:

  • TAXII/STIX Feeds

  • MISP Feeds (MISP events Exported as json files)

  • MISP API

  • Generic Text feeds

  • Generic CSV feeds

  • Generic json feeds

Next
TAXII/STIX Feeds
Previous
Sending events to Logstash
Copyright © 2020-2023, IDSTower
Made with Furo