Skip to content
/ Tie2stix Public

Allow conversion to McAfee Threat Intelligence Exchange File hashes as STIX XML File for Ingestion into SIEM/TIP

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

arniecommits/Tie2stix

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.gitattributes
.gitattributes
 
 
README.md
README.md
 
 
ePO TIE Query Import.xml
ePO TIE Query Import.xml
 
 
requirements.txt
requirements.txt
 
 
tie2stix.py
tie2stix.py
 
 
tiestix.xml
tiestix.xml
 
 

Repository files navigation

Tie2stix

License Allow conversion of McAfee Threat Intelligence Exchange File Reputation hashes as STIX XML File for Ingestion into SIEM/TIP

Install Instructions

Step 1 Import the ePO query Import file in your ePO Under Queries and Report, hit edit and note the query id from the edit url or optionally you can run the web api query as described here https://docs.mcafee.com/bundle/epolicy-orchestrator-5.10.0-product-guide/page/GUID-86796CE0-477D-43EB-A9CF-6980401E0947.html

Import Import ePO Query.xml Run the TIE Reputation Export Query , just to make sure your TIE DB Connectivity is OK

Step 2 Install Python Libraries

pip install -r requirements.txt

Step 3 Edit the variables in the script

epo_ip='epo IP' 
query_id='id of imported query'
user_pass='admin:<yourpass>' 
stixfilename='STIXoutput.xml'

Step 4 Run the Python Script...happy STIXXING

python tie2stix.py

About

Allow conversion to McAfee Threat Intelligence Exchange File hashes as STIX XML File for Ingestion into SIEM/TIP

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages