From ce289041ba5a21a9b9206aa25872afdad2b379d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20St=C3=B6ckl?= Date: Wed, 30 Jul 2025 13:57:13 +0000 Subject: [PATCH] misp_analyzer.py aktualisiert --- misp_analyzer.py | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/misp_analyzer.py b/misp_analyzer.py index b8ccf3c..3f18218 100644 --- a/misp_analyzer.py +++ b/misp_analyzer.py @@ -61,43 +61,31 @@ class MispAnalyzer(interface.BaseAnalyzer): "query_string": "md5_hash:*", "attr": "md5", "timesketch_attr": "md5_hash", - "include_community": False, # Start with own org only + "include_community": True, }, { "query_string": "sha1_hash:*", "attr": "sha1", "timesketch_attr": "sha1_hash", - "include_community": False, + "include_community": True, }, { "query_string": "sha256_hash:*", "attr": "sha256", "timesketch_attr": "sha256_hash", - "include_community": False, + "include_community": True, }, { "query_string": "filename:*", "attr": "filename", "timesketch_attr": "filename", - "include_community": False, - }, - { - "query_string": "message:*", - "attr": "ip-src", - "timesketch_attr": "message", - "include_community": False, - }, - { - "query_string": "message:*", - "attr": "ip-dst", - "timesketch_attr": "message", - "include_community": False, + "include_community": True, }, { "query_string": "source_ip:*", "attr": "ip-src", "timesketch_attr": "source_ip", - "include_community": False, + "include_community": True, }, ] return to_query