Metadata-Version: 2.1
Name: gawseed-threat-feed-tools
Version: 1.1.14
Summary: Tools to search network data logs for threat feed data
Home-page: https://github.com/gawseed/threat-feed-tools
Author: Wes Hardaker and USC/ISI
Author-email: opensource@hardakers.net
License: UNKNOWN
Platform: UNKNOWN
Classifier: Programming Language :: Python :: 3
Classifier: Operating System :: OS Independent
Requires-Python: >=3.0
Description-Content-Type: text/markdown
License-File: LICENSE

# Overview

The gawseed-threat-feed-tools package provides a mechanism that binds
together:

- A threat feed source that returns a list of "threats"
- A data source, that returns rows of data to search through for the threats
- A searcher that can bind the two together, looking for threats/data
  that meet particular criteria 
- A list of "enrichers" that can take the results of any matches and
  gather additional context to pass to the ....
- A report generator that can take the results of everything and
  print/save the results

# Usage

Typical usage would be running `threat-feed.py` and loading a YAML
configuration file (passed to the `-y` switch) to bind the above
modules together.  See `theat-feed.py --config-templates` for a
selection of YAML configuration templates to use when creating config
files.

# Example configuration

Coming soon...


