GreyNoise-Intelligence / greynoise-anomali

GreyNoise Integration for the Anomali TIP


main License: MIT

GreyNoise Anomali ThreatStream Enrichment

Initial Build with Anomali Enrichment SDK v2.0

Sample Command-line Test Command for Context Enrichment:

python3 greynoise_anomali_enrichment.py enrichIP <enter_ip> --credentials "{\"api_key\":\"<enter_api_key>\"}"

Sample Command-line Test Command for Pivot Enrichment:

python3 greynoise_anomali_transform.py "Search IP" <enter_ip> --credentials "{\"api_key\":\"<enter_api_key>\"}"

Bundle Build Process:

  • Ensure that metadata.json contains an updated version number
  • Ensure an updated PDF of the documentation is included in the docs folder, following the naming convention GreyNoise Enrichment Plugin for Anomali ThreatStream v<version>.pdf
  • Run python3 build-bundle.py
  • The bundle file will be created in the bundles directory with format: greynoise-enrichment-<version>.tar.gz
  • The submission zip to send to Anomali (it includes the bundle and docs) will be created in the bundles directory with format: greynoise-enrichment-<version>.zip
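
A release check for the build steps above, written for this page as an added example; it is not part of the GreyNoise repository or its build-bundle.py. It confirms that the version in metadata.json is SemVer and that the PDF, bundle and submission zip named for that same version exist, so a stale artifact from an earlier version is caught before submission. Assumptions: metadata.json keeps the version under a top-level "version" key, zip entries are matched by file name only, and the helper names and sample version numbers are constructed.

```python
import json, re, sys, tempfile, zipfile
from pathlib import Path

# SemVer core with optional pre-release/build suffix (the README says the project uses SemVer).
SEMVER = re.compile(r"^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$")
PDF_NAME = "GreyNoise Enrichment Plugin for Anomali ThreatStream v{v}.pdf"

def check_release(repo, version_key="version"):  # version_key is an assumption
    """Return a list of problems; an empty list means the tree matches the checklist."""
    repo = Path(repo)
    try:
        version = str(json.loads((repo / "metadata.json").read_text())[version_key])
    except (OSError, ValueError, KeyError, TypeError) as exc:
        return [f"metadata.json: cannot read {version_key!r} ({exc!r})"]
    problems = []
    if not SEMVER.match(version):
        problems.append(f"version {version!r} is not SemVer")
    pdf = repo / "docs" / PDF_NAME.format(v=version)
    bundle = repo / "bundles" / f"greynoise-enrichment-{version}.tar.gz"
    submission = repo / "bundles" / f"greynoise-enrichment-{version}.zip"
    problems += [f"missing {p.relative_to(repo)}" for p in (pdf, bundle, submission) if not p.is_file()]
    if submission.is_file():
        try:
            with zipfile.ZipFile(submission) as zf:
                inside = {Path(n).name for n in zf.namelist()}  # match on basename only
        except zipfile.BadZipFile:
            return problems + [f"{submission.name} is not a valid zip"]
        problems += [f"{submission.name} lacks {w}" for w in (bundle.name, pdf.name) if w not in inside]
    return problems

def make_sample_repo(root, meta_version, built_version):
    """Constructed fixture: a tree whose artifacts were built for built_version."""
    root = Path(root)
    (root / "docs").mkdir()
    (root / "bundles").mkdir()
    (root / "metadata.json").write_text(json.dumps({"version": meta_version}))
    pdf = root / "docs" / PDF_NAME.format(v=built_version)
    pdf.write_bytes(b"%PDF-1.4 placeholder")
    tgz = root / "bundles" / f"greynoise-enrichment-{built_version}.tar.gz"
    tgz.write_bytes(b"placeholder")
    with zipfile.ZipFile(tgz.with_name(f"greynoise-enrichment-{built_version}.zip"), "w") as zf:
        zf.write(tgz, tgz.name)
        zf.write(pdf, f"docs/{pdf.name}")
    return root

if __name__ == "__main__":
    if len(sys.argv) > 1:
        found = check_release(sys.argv[1])
    else:  # no path given: constructed tree whose artifacts lag the metadata version
        with tempfile.TemporaryDirectory() as tmp:
            found = check_release(make_sample_repo(tmp, "2.1.0", "2.0.0"))
    print("\n".join(found) or "release tree matches the checklist")
    sys.exit(1 if found else 0)
```

Run it with the repository path as the only argument after python3 build-bundle.py; a non-zero exit status means at least one checklist item failed.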

Doc Information:

  • Ensure any relevant features or new transforms are added to the document
  • Ensure the change log is updated in the document

Certification Submission:

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Authors

See also the list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE.md file for details.

Acknowledgments

Links

Contact Us

Have any questions or comments on this integration? Contact us at integrations@greynoise.io



Languages

Language:Python 100.0%