[Bro] [bro] misp2bro
Tim Desrochers
tgdesrochers at gmail.com
Sun Apr 17 04:19:01 PDT 2016
Anyone using MISP? I installed MISP as a test and it seems pretty useful.
What I can't seem to get working is the misp2bro script written to export
indicators in MISP to bro format.
https://github.com/unusedPhD/misp2bro
When I run the script it appears to crash and give the error:
Traceback (most recent call last):
File "misp2bro.py", line 288, in <module>
if makeBroFiles(parseXML(EXPORT_FILE)):
File "misp2bro.py", line 168, in makeBroFiles
if int(event.find('attribute_count').text):
AttributeError: 'NoneType' object has no attribute 'text'
If I run it again there is no crash but that is because the md5 it
generates matches the previous hash so no action is taken on the downloaded
xml.
Has anyone used this, I could use a hand getting it working.
Thanks
Tim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160417/a5bc8409/attachment.html
More information about the Bro
mailing list