Update pdnssoccli.yml
4quarks authored May 30, 2024
1 parent 9a7df96 commit 81ebbc4
Showing 1 changed file with 10 additions and 13 deletions.
23 changes: 10 additions & 13 deletions files/configuration/pdnssoccli/pdnssoccli.yml
@@ -1,30 +1,28 @@
---
logging_level: "INFO"

misp_servers:
- domain: "https://example-misp-instance.com"
api_key: "API_KEY"
verify_ssl: True
# misp.search() arguments
args:
enforce_warninglist: True
# periods:
# generic:
# delta:
# days: 30 # CAREFUL - IOCs older than the days specified will be ignored.
# tags:
# - names:
# - "tag_name"
# delta: False

periods:
generic:
delta:
days: 30
tags:
- names:
- "tag_name"
delta: False
correlation:
input_dir: /var/dnscollector/matches # use this if no files are defined from commmand line
input_dir: /var/dnscollector/matches
output_dir: /var/dnscollector/alerts
archive_dir: /var/dnscollector/archive # use this as input for looking back
malicious_domains_file: /var/dnscollector/misp_domains.txt
malicious_ips_file: /var/dnscollector/misp_ips.txt
last_correlation_pointer_file: /var/dnscollector/correlation.last
last_retro_pointer_file: /var/dnscollector/retro.last

schedules:
fetch_iocs:
interval: 10 # minutes
@@ -34,7 +32,6 @@ schedules:
interval: 1440 # minutes
alerting:
interval: 60 # minutes

alerting:
last_alerting_pointer_file: /var/dnscollector/alert.last
# email:
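Review bot: The `periods` block with `days: 30` looks like the active setting on the new side, while the only warning about its effect ("CAREFUL - IOCs older than the days specified will be ignored") sits on the commented-out variant. The page has lost its +/- markers, so which variant is new is inferred rather than certain. If the uncommented block is what ships, a default deployment would silently stop correlating DNS matches against MISP indicators older than 30 days, and the placeholder `"tag_name"` entry becomes live configuration. I would keep the caveat on the active line, e.g. `days: 30  # CAREFUL - IOCs older than this are ignored`, and leave the `tags` example commented out until a real tag name is set. The `input_dir` line likewise appears to lose its note that the directory is only used when no files are given on the command line, which is worth keeping.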