Metadata-Version: 2.0
Name: intelmq
Version: 1.0.0.dev4
Summary: IntelMQ is a solution for CERTs to process data feeds, pastebins, tweets through a message queue.
Home-page: https://github.com/certtools/intelmq/
Author: Sebastian Wagner
Author-email: wagner@cert.at
License: AGPLv3
Keywords: incident handling cert csirt
Platform: UNKNOWN
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Console
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Telecommunications Industry
Classifier: License :: OSI Approved :: GNU Affero General Public License v3
Classifier: Operating System :: Unix
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Topic :: Security
Requires-Dist: dnspython (>=1.12.0)
Requires-Dist: ipaddress (>=1.0.14)
Requires-Dist: psutil (>=2.1.1)
Requires-Dist: python-dateutil (>=2.4.2)
Requires-Dist: python-termstyle (>=0.1.10)
Requires-Dist: pytz (>=2015.4)
Requires-Dist: redis (>=2.10.3)
Requires-Dist: requests (>=2.7.0)
Requires-Dist: six (>=1.9.0)

Welcome to IntelMQ!
===================

.. figure:: https://raw.githubusercontent.com/certtools/intelmq/master/docs/images/Logo_Intel_MQ.png
   :alt: IntelMQ

   IntelMQ

|Build Status| |Coverage Status| |codecov.io|

**IntelMQ** is a solution for CERTs for collecting and processing
security feeds, pastebins, tweets and log files using a message queuing
protocol. It's a community-driven initiative called **IHAP** (Incident
Handling Automation Project) which was conceptually designed by European
CERTs during several InfoSec events. Its main goal is to give incident
responders an easy way to collect and process threat intelligence, thus
improving the incident handling processes of CERTs.

IntelMQ's design was influenced by
`AbuseHelper <https://bitbucket.org/clarifiednetworks/abusehelper>`__,
but it was rewritten from scratch and aims to:

-  Reduce the complexity of system administration
-  Reduce the complexity of writing new bots for new data feeds
-  Reduce the probability of losing events anywhere in the process by
   providing persistence functionality (even across a system crash)
-  Use and improve the existing Data Harmonization Ontology
-  Use JSON format for all messages
-  Integrate with existing tools (AbuseHelper, CIF)
-  Provide an easy way to store data in log collectors like
   ElasticSearch, Splunk
-  Provide an easy way to create your own blacklists
-  Provide easy communication with other systems via an HTTP RESTful API

It follows these basic meta-guidelines:

-  Don't break simplicity - KISS
-  Keep it open source - forever
-  Strive for perfection while keeping a deadline
-  Reduce complexity/avoid feature bloat
-  Embrace unit testing
-  Code readability: test with inexperienced programmers
-  Communicate clearly

Table of Contents
-----------------

1. `How to Install <#how-to-install>`__
2. `Developers Guide <#dev-guide>`__
3. `IntelMQ Manager <#control-platform>`__
4. `Incident Handling Automation
   Project <#incident-handling-automation-project>`__
5. `Data Harmonization <#data-harmonization>`__
6. `Licence <#licence>`__

How to Install
--------------

See `UserGuide <docs/User-Guide.md>`__.

Developers Guide
----------------

See `Developers Guide <docs/Developers-Guide.md>`__.

IntelMQ Manager
---------------

Use the `tool <https://github.com/certtools/intelmq-manager>`__ to
easily manage an IntelMQ system.

Incident Handling Automation Project
------------------------------------

-  **URL:**
   http://www.enisa.europa.eu/activities/cert/support/incident-handling-automation
-  **Mailing-list:** ihap@lists.trusted-introducer.org

Data Harmonization
------------------

IntelMQ uses the Data Harmonization. See the following
`document <docs/Data-Harmonization.md>`__.

Licence
-------

This software is licensed under the GNU Affero General Public License
version 3.

.. |Build Status| image:: https://travis-ci.org/certtools/intelmq.svg?branch=master
   :target: https://travis-ci.org/certtools/intelmq
.. |Coverage Status| image:: https://coveralls.io/repos/github/certtools/intelmq/badge.svg?branch=master
   :target: https://coveralls.io/github/certtools/intelmq?branch=master
.. |codecov.io| image:: https://codecov.io/github/certtools/intelmq/coverage.svg?branch=master
   :target: https://codecov.io/github/certtools/intelmq?branch=master


