MISP

A threat intelligence platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information.

Integration with LogicHub

Connecting with MISP

To connect to MISP following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • Server URL: MISP Server URL.
  • API Key: The API key to connect to the MISP.

Actions with MISP

Full Text Search

Perform a full text search on MISP.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Column Name: Column name from parent table to lookup search value for.

Output of Action
JSON containing the following items:

  • has_error: True/False
  • error: message/null
{
   "has_error": true,
   "error": "Search string is empty."
}

Did this page help you?