intelmq.bots.outputs.mcafee namespace¶
Submodules¶
intelmq.bots.outputs.mcafee.output_esm_ip module¶
ESMOutputBot connects to McAfee Enterprise Security Manager, and updates IP based watchlists
Parameters: esm_ip: IP Address of ESM esm_user: username to connect to ESM esm_password: Password of esm_user esm_watchlist: Destination watchlist to update field: field from IntelMQ message to extract (e.g. destination.ip)
-
intelmq.bots.outputs.mcafee.output_esm_ip.BOT¶ alias of
intelmq.bots.outputs.mcafee.output_esm_ip.ESMIPOutputBot
-
class
intelmq.bots.outputs.mcafee.output_esm_ip.ESMIPOutputBot(*args, **kwargs)¶ Bases:
intelmq.lib.bot.OutputBotWrite events to the McAfee Enterprise Security Manager (ESM)
IntelMQ-Bot-Name: McAfee ESM IP
-
esm_ip= '1.2.3.4'¶
-
esm_password= None¶
-
esm_user= 'NGCP'¶
-
esm_watchlist= None¶
-
field= 'source.ip'¶
-
init()¶
-
process()¶
-
