EclecticIQ Intelligence Center
Ingest threat intelligence from Obstracts into the EclecticIQ Intelligence Center.

Prerequisites

Setup

EclecticIQ incoming feed setup
  1. 1.
    Navigate to the incoming feed setup page
  2. 2.
    Select add new feed
  3. 3.
    You can set most fields as you wish, the key ones are
    1. 1.
      Transport type: TAXII 2.1 poll
    2. 2.
      Content type: STIX 2.1
    3. 3.
      API Root URL: https://app.obstracts.com/taxii/taxii2/YOUR-GROUP-UUID (YOUR-GROUP-UUID can be btained on the Group Management page in the Obstracts web app)
    4. 5.
      Username: Obstracts username
    5. 6.
      Password: Obstracts API key
    6. 7.
      Added after: should be no more than 7 days because our TAXII feed does not return any more data than this
    7. 8.
      Objects per run (max): 50
    8. 9.
      Download time frame: advancing
Now click save, and you should see intelligence being ingested.

Usage

Once incoming feed is enabled, the ingested threat intelligence can be used in the EclecticIQ Intelligence Center.
Copy link
On this page
Prerequisites
Setup
Usage