intelmq.bots.outputs.mcafee namespace¶

Submodules¶

intelmq.bots.outputs.mcafee.output_esm_ip module¶

ESMOutputBot connects to McAfee Enterprise Security Manager, and updates IP based watchlists

Parameters: esm_ip: IP Address of ESM esm_user: username to connect to ESM esm_password: Password of esm_user esm_watchlist: Destination watchlist to update field: field from IntelMQ message to extract (e.g. destination.ip)

intelmq.bots.outputs.mcafee.output_esm_ip.BOT¶: alias of ESMIPOutputBot

class intelmq.bots.outputs.mcafee.output_esm_ip.ESMIPOutputBot(*args, **kwargs)¶

Bases: OutputBot

Write events to the McAfee Enterprise Security Manager (ESM)

IntelMQ-Bot-Name: McAfee ESM IP

esm_ip: str = '1.2.3.4'¶

esm_password: str = None¶

esm_user: str = 'NGCP'¶

esm_watchlist: str = None¶

field: str = 'source.ip'¶

init()¶

process()¶

intelmq.bots.outputs.mcafee namespace¶

Submodules¶

intelmq.bots.outputs.mcafee.output_esm_ip module¶

Navigation

Related Topics