Metadata-Version: 1.1
Name: intelmq
Version: 1.0.0
Summary: IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Home-page: https://github.com/certtools/intelmq/
Author: Sebastian Wagner
Author-email: wagner@cert.at
License: AGPLv3
Description: ===================
        Welcome to IntelMQ!
        ===================
        
        .. figure:: https://raw.githubusercontent.com/certtools/intelmq/master/docs/images/Logo_Intel_MQ.png
           :alt: IntelMQ
        
           IntelMQ
        
        |Build Status| |codecov.io|
        
        **IntelMQ** is a solution for IT security teams (CERTs, CSIRTs, abuse departments, ...)
        for collecting and processing security feeds (such as log files) using a message queuing
        protocol. It's a community-driven initiative called **IHAP** (Incident
        Handling Automation Project) which was conceptually designed by European
        CERTs/CSIRTs during several InfoSec events. Its main goal is to give
        incident responders an easy way to collect and process threat intelligence,
        thus improving the incident handling processes of CERTs.
        
        IntelMQ's design was influenced by
        `AbuseHelper <https://github.com/abusesa/abusehelper>`__,
        however, it was rewritten from scratch and aims to:
        
        -  Reduce the complexity of system administration
        -  Reduce the complexity of writing new bots for new data feeds
        -  Reduce the probability of losing events anywhere in the process by
           providing persistence functionality (even across a system crash)
        -  Use and improve the existing Data Harmonization Ontology
        -  Use JSON format for all messages
        -  Integration of the existing tools (AbuseHelper, CIF)
        -  Provide an easy way to store data into log collectors like
           ElasticSearch, Splunk, databases (such as PostgreSQL)
        -  Provide an easy way to create your own black-lists
        -  Provide easy communication with other systems via an HTTP RESTful API
        
        It follows the following basic meta-guidelines:
        
        -  Don't break simplicity - KISS
        -  Keep it open source - forever
        -  Strive for perfection while keeping a deadline
        -  Reduce complexity/avoid feature bloat
        -  Embrace unit testing
        -  Code readability: test with inexperienced programmers
        -  Communicate clearly
        
        Table of Contents
        =================
        
        1. `How to Install <#how-to-install>`__
        2. `Developers Guide <#developers-guide>`__
        3. `IntelMQ Manager <#intelmq-manager>`__
        4. `Incident Handling Automation
           Project <#incident-handling-automation-project>`__
        5. `Data Harmonization <#data-harmonization>`__
        6. `How to Participate <#how-to-participate>`__
        7. `Licence <#licence>`__
        
        How to Install
        ==============
        
        See `INSTALL <https://github.com/certtools/intelmq/blob/master/docs/INSTALL.md>`__.
        
        For existing installations, see `UPGRADING <https://github.com/certtools/intelmq/blob/master/docs/UPGRADING.md>`__.
        
        Developers Guide
        ================
        
        See `Developers Guide <https://github.com/certtools/intelmq/blob/master/docs/Developers-Guide.md>`__.
        
        User Guide
        ----------
        
        See `User Guide <https://github.com/certtools/intelmq/blob/master/docs/User-Guide.md>`__.
        
        For support use the intelmq-users mailing list: https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-users
        
        IntelMQ Manager
        ===============
        
        Check out this graphical
        `tool <https://github.com/certtools/intelmq-manager>`__ and easily
        manage an IntelMQ system.
        
        Incident Handling Automation Project
        ====================================
        
        -  **URL:**
           http://www.enisa.europa.eu/activities/cert/support/incident-handling-automation
        -  **Mailing-list:** ihap@lists.trusted-introducer.org
        
        Data Harmonization
        ==================
        
        IntelMQ uses Data Harmonization. See the following
        `document <https://github.com/certtools/intelmq/blob/master/docs/Data-Harmonization.md>`__.
        
        How to Participate
        ==================
        
        -  Subscribe to the intelmq-dev mailing list:
           https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev (for
           developers)
        -  Watch out for our regular developers conf call
        -  IRC: server: irc.freenode.net, channel: #intelmq
        -  Via GitHub issues
        -  Via pull requests (please do read help.github.com first)
        
        Licence
        =======
        
        This software is licensed under the GNU Affero General Public License
        version 3.
        
        .. |Build Status| image:: https://travis-ci.org/certtools/intelmq.svg?branch=master
           :target: https://travis-ci.org/certtools/intelmq
        .. |codecov.io| image:: https://codecov.io/github/certtools/intelmq/coverage.svg?branch=master
           :target: https://codecov.io/github/certtools/intelmq?branch=master
        
Keywords: incident handling cert csirt
Platform: UNKNOWN
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Console
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Telecommunications Industry
Classifier: License :: OSI Approved :: GNU Affero General Public License v3
Classifier: Operating System :: Unix
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Topic :: Security
