implement MISP on Sentinel to receive logs from the IOCs

Çağlar Arlı

guys. I'm a Cybersecurity intern, and I need to develop a project for our SOC operation. The project is to implement MISP on Sentinel to receive logs from the IOCs that MISP contains. The problem is: I can't find anyone who has recently done this implementation, and following this documentation has been a hard task because it's really confusing: https://github.com/cudeso/misp2sentinel.

I have already created an application on Sentinel and gave it permission. MISP is already installed on LVM, and the IOC feeds are active. Now I'm trying to configure the authentication. After this, will the MISP2Sentinel connector be connected and start receiving logs from MISP? If anyone could share information about this, I would appreciate it, because I’ve had a hard time following the documentation, as there are a lot of steps that are difficult to understand.