CIF Feed Error

Question

CIF Feed Error

devangraval007 opened this issue 6 years ago · comments

Hello Sir,

Hope you are doing well. Sir i face a error while run script of getting feed.
Error screenshot i attached with.
Please do needful.

devangraval007 · Answer 1 · Fri Mar 23 2018 13:57:44 GMT+0800 (China Standard Time)

Hello Sir, As you guide. I am not able to fetch feed from CIF. Can you please give me different solution for it. Thanking you in advance. Thanks, Devang Raval

…

On Thu, Mar 22, 2018 at 7:28 PM, josarsepi ***@***.***> wrote: It looks like otype is now itype. $ cif --help usage: cif [-h] [-d] [-V] [--runtime-path RUNTIME_PATH] [--token TOKEN] [--remote REMOTE] [-p] [--ping-indef] [-q SEARCH] [--itype ITYPE] [--submit] [--limit LIMIT] [--reporttime REPORTTIME] [-n] [-f {bindrpz,bind,bro,json,snort,table,csv}] [--indicator INDICATOR] [--tags TAGS [TAGS ...]] [--provider PROVIDER] [--confidence CONFIDENCE] [--zmq] [--config CONFIG] [--feed] [--no-verify-ssl] [--last-day] [--last-hour] [--days DAYS] [--today] [--columns COLUMNS] [--asn ASN] [--cc CC] [--asn-desc ASN_DESC] [--rdata RDATA] [--no-feed] [--region REGION] [--delete] [--id ID] example usage: $ cif -q example.org -d $ cif --search 1.2.3.0/24 $ cif --ping optional arguments: -h, --help show this help message and exit -d, --debug -V, --version show program's version number and exit --runtime-path RUNTIME_PATH specify the runtime path [default /tmp] --token TOKEN specify api token --remote REMOTE specify API remote [default http://localhost:5000] -p, --ping --ping-indef -q SEARCH, --search SEARCH search --itype ITYPE filter by indicator type --submit submit an indicator --limit LIMIT limit results [default 500] --reporttime REPORTTIME specify reporttime filter -n, --nolog do not log search -f {bindrpz,bind,bro,json,snort,table,csv}, --format {bindrpz,bind,bro,json,snort,table,csv} specify output format [default: table]" --indicator INDICATOR --tags TAGS [TAGS ...] --provider PROVIDER --confidence CONFIDENCE specify confidence level --zmq use zmq as a transport instead of http --config CONFIG specify config file [default /home/cif/.cif.yml] --feed --no-verify-ssl --last-day auto-sets reporttime to 23 hours and 59 seconds ago (current time UTC) and reporttime-end to "now" --last-hour auto-sets reporttime to the beginning of the previous full hour and reporttime-end to end of previous full hour --days DAYS filter results within last X days --today auto-sets reporttime to today, 00:00:00Z (UTC) --columns COLUMNS specify output columns [default tlp,group,reporttime,i ndicator,firsttime,lasttime,count,tags,description,con fidence,rdata,provider] --asn ASN --cc CC --asn-desc ASN_DESC --rdata RDATA --no-feed --region REGION --delete --id ID ` — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#502 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AhqbAE-e99R9zz69D5_QGY6IXihx8-Qxks5tg64CgaJpZM4SzANO> .

wes · Answer 2 · Fri Mar 23 2018 20:07:44 GMT+0800 (China Standard Time)

please check the FAQ, specifically: https://github.com/csirtgadgets/massive-octo-spice/wiki/Troubleshooting-CIF

also- when logging an issue, be sure to fill out the issue template with the results from the tests / logs.