Issue
- You need to utilize the OpenCTI TAXII2 Connector to ingest ESET Threat Intelligence feed data
Solution
-
Access OpenCTI TAXII2 Connector GitHub. In this example, we utilize OpenCTI TAXII2 connector integration using docker-compose as a preferred installation type.
-
Double-click docker-compose.yml to open
docker_compose.yml
from the OpenCTI TAXII2 Connector on the GitHub repository. -
Copy the content of the OpenCTI TAXII2 Connector
docker-compose.yml
file and replace the configuration variables. Read more about the configuration and installation of the OpenCTI TAXII2 Connector.- OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
- CONNECTOR_ID=${CONNECTOR_TAXII2_ID}
- TAXII2_DISCOVERY_URL= URL of ETI TAXII 2.x discovery
- TAXII2_USERNAME=ESET Threat Intelligence username
- TAXII2_PASSWORD=ESET Threat Intelligence password