Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shadowserver parser: mapping for Honeypont HTTP Scan and updated Microsoft Sinkhole HTTP #2050

Closed
wants to merge 1 commit into from
Closed

Shadowserver parser: mapping for Honeypont HTTP Scan and updated Microsoft Sinkhole HTTP #2050

wants to merge 1 commit into from

Conversation

oscarliz
Copy link

@oscarliz oscarliz commented Aug 18, 2021
edited by ghost
Loading

Resolved the following error that Could not get a configuration for:
event4_honeypot_http_scan
event4_microsoft_sinkhole_http

@oscarliz
Create_config.py
a009829 
Resolved the following error that Could not get a configuration for:
event4_honeypot_http_scan
event4_microsoft_sinkhole_http
ghost
ghost reviewed Aug 19, 2021
View reviewed changes
intelmq/bots/parsers/shadowserver/_config.py
Comment on lines 2962 to +2963
('Microsoft-Sinkhole-Events-HTTP IPv4', 'event4_microsoft_sinkhole_http', event46_sinkhole_http),
('Microsoft_sinkhole_http', 'event4_microsoft_sinkhole_http', event4_microsoft_sinkhole_http),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These two lines have the same file name pattern. If there's a mistake in the event46_sinkhole_http mapping, please fix this one.

@ghost
Copy link

ghost commented Aug 19, 2021

Regarding the honeypot feed it looks like you worked on that approximately at the same time as @monoidic (#2047). His mapping looks cleaner to me. However, if you could provide test cases for his PR, I bet he'd be happy :)

Regarding the other change on the Microsoft Sinkhole HTTP feed, I don't understand the intent of the change, see also my inline comment.

@ghost ghost added this to the 3.0.1 milestone Aug 19, 2021
@ghost ghost added the component: bots label Aug 19, 2021
@ghost ghost changed the title Create_config.py Shadowserver parser: mapping for Honeypont HTTP Scan and updated Microsoft Sinkhole HTTP Aug 19, 2021
@ghost ghost added the needs: feedback label Aug 23, 2021
@ghost ghost mentioned this pull request Aug 23, 2021
Closed
@ghost
Copy link

ghost commented Sep 1, 2021

Obsoleted by other PRs (#2060 by @abr4xc and #2047 by @monoidic ). If my conclusion is an error, please re-open the PR of course.

Thanks for your efforts though, even if the code did not get in!

@ghost ghost closed this Sep 1, 2021
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
Assignees
No one assigned
Labels
component: bots needs: feedback
Projects
None yet
Milestone
3.0.1
Development

Successfully merging this pull request may close these issues.
1 participant
@oscarliz