A tool to import IoC feeds from provider and save records to BigQuery table.
- Import IoC feeds from provider, currently supporting
- AlienVault OTX (subscribed pulses)
- Abuse.ch (Feodo)
- Prevent duplicated records by imported time
- Google Cloud Platform account
- BigQuery dataset
- Service Account with BigQuery write permission of the dataset such as
roles/bigquery.dataEditor - Service Account key file (JSON)
- Each providers account (if you need)
- AlienVault OTX (API key)
$ go install github.com/m-mizutani/drone@latestor
$ docker run ghcr.io/m-mizutani/drone:latest$ export DRONE_BIGQUERY_PROJECT_ID=your-project-id
$ export DRONE_BIGQUERY_DATASET_ID=your_dataset_id
$ export DRONE_BIGQUERY_SA_KEY_FILE=/path/to/your_service_account_key.json
# If you want to set credential directly, use DRONE_BIGQUERY_SA_KEY_DATA
# export DRONE_BIGQUERY_SA_KEY_DATA=$(cat /path/to/your_service_account_key.json)
$ export DRONE_OTX_API_KEY=abcde12345XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
$ drone import otx subscribed$ export DRONE_BIGQUERY_PROJECT_ID=your-project-id
$ export DRONE_BIGQUERY_DATASET_ID=your_dataset_id
$ export DRONE_BIGQUERY_SA_KEY_FILE=/path/to/your_service_account_key.json
$ drone import abusech feodoApache License 2.0