VX Underground threat feed of indicators and observables
Name | Description | Data Type | Format |
---|---|---|---|
id | Unique row identifier | uuid | uuid |
created_at | Timestamp of row creation | timestamp with time zone | timestamptz |
first_seen | If available, when the obserable was first seen | timestamp with time zone | timestamptz |
last_seen | If available, when the obserable was most recently seen | timestamp with time zone | timestamptz |
type | Type of observable (ipv4 ,sha256 ,md5 ,host ,url ) |
character varying | varchar |
observable | Raw text of the observable | character varying | varchar |
references | Links to research or URL where observable is identified | ARRAY | _varchar |
tags | User submitted tags for observable (eg. emotet ,apt28 ) |
ARRAY | _varchar |
- the discord collector is set to log to Elasticsearch. Let's rip that out
- discord collector needs to output same format as web crawl
Use a .secrets
to stored anything sensitive. It is not tracked by git.