Initial Build with Anomali Enrichment SDK v2.0
Sample Commandline Test Command for Context Enrichment:
python3 greynoise_anomali_enrichment.py enrichIP <enter_ip> --credentials "{\"api_key\":\"<enter_api_key>\"}"
Sample Commandline Test Command for Pivot Enrichment:
python3 greynoise_anomali_transform.py "Search IP" <enter_ip> --credentials "{\"api_key\":\"<enter_api_key>\"}"
Bundle Build Process:
- Ensure that metadata.json contains an updated version number
- Ensure an updated PDF of the documentation is included in the docs folder, following the naming convention: GreyNoise Enrichment Plugin for Anomali ThreatStream v<version>.pdf
- Run: python3 build-bundle.py
- The bundle file will be created in the bundles directory with format: greynoise-enrichment-<version>.tar.gz
- The submission Zip needed to send to Anomali (includes the bundle and docs) will be created in the bundles directory with format: greynoise-enrichment-<version>.zip
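A pre-submission check for the build steps above, as an added example that is not part of this repository: it confirms that the version in metadata.json matches the PDF, bundle and Zip file names, and that the Zip holds both the bundle and the PDF. The function name check_release, the "version" key in metadata.json and the comparison of Zip members by base name are assumptions.

```python
import json
import re
import sys
import zipfile
from pathlib import Path

# SemVer core (MAJOR.MINOR.PATCH) with an optional pre-release/build suffix.
SEMVER = re.compile(r"\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.+-]+)?")


def check_release(root):
    """Return a list of problems in a built release tree; an empty list means ready."""
    root = Path(root)
    try:
        # Assumption: metadata.json keeps the release number under a "version" key.
        version = str(json.loads((root / "metadata.json").read_text())["version"])
    except (OSError, ValueError, KeyError, TypeError) as exc:
        return [f"metadata.json unreadable or has no version: {exc!r}"]
    problems = []
    if not SEMVER.fullmatch(version):
        problems.append(f"version {version!r} is not MAJOR.MINOR.PATCH")
    pdf = f"GreyNoise Enrichment Plugin for Anomali ThreatStream v{version}.pdf"
    bundle = f"greynoise-enrichment-{version}.tar.gz"
    zip_path = root / "bundles" / f"greynoise-enrichment-{version}.zip"
    if not (root / "docs" / pdf).is_file():
        problems.append(f"missing docs/{pdf}")
    if not (root / "bundles" / bundle).is_file():
        problems.append(f"missing bundles/{bundle}")
    if not zip_path.is_file():
        return problems + [f"missing bundles/{zip_path.name}"]
    try:
        with zipfile.ZipFile(zip_path) as zf:
            # The Zip's internal layout is not documented, so compare base names only.
            members = {Path(name).name for name in zf.namelist()}
    except zipfile.BadZipFile:
        return problems + [f"{zip_path.name} is not a valid zip archive"]
    for required in (bundle, pdf):
        if required not in members:
            problems.append(f"{zip_path.name} does not contain {required}")
    return problems


if __name__ == "__main__":
    found = check_release(sys.argv[1] if len(sys.argv) > 1 else ".")
    print("\n".join(found) or "release tree is consistent")
    sys.exit(1 if found else 0)
```

Run it from the repository root after build-bundle.py finishes; a non-zero exit status means the listed files do not agree with metadata.json.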
Doc Information:
- Ensure any relevant features or new transforms are added to the document
- Ensure the change log is updated in the document
Certification Submission:
- Email the Zip file for submission to [email protected]
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
We use SemVer for versioning. For the versions available, see the tags on this repository.
- Brad Chiappetta - Initial work - BradChiappetta
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE.md file for details.
Have any questions or comments on this integration? Contact us at [email protected]