Hortonworks Docs » Hortonworks Cybersecurity Platform 1.7.0 » Enriching With Threat Intelligence Information
Enriching With Threat Intelligence Information
Also available as:
PDF

Push Hail a TAXII Feeds to HBase

After you create the extractor configuration and connection configuration files, you can push the Hail a TAXII feeds from the TAXII server into HBase.

  1. Push the Hail a TAXII feeds from the TAXII server into HBase: 
    $METRON_HOME/bin/threatintel_taxii_load.sh -b <START_TIME> -c $METRON_HOME/config/threatintel_connection_config.json
  -e $METRON_HOME/config/threatintel_extractor_config.json -p <TIME_INTERVAL_MSECS>
For example:$METRON_HOME/bin/threatintel_taxii_load.sh -b "2016-08-01 00:00:00" -c $METRON_HOME/config/threatintel_connection_config.json -e $METRON_HOME/config/threatintel_extractor_config.json -p 10000
  2. Remove any non-ASCII invisible characters that might have been included if you copy and pasted:
    iconv -c -f utf-8 -t ascii threatintel_extractor_config_temp.json -o threatintel_extractor_config.json
© 2012–2019, Hortonworks, Inc.
Document licensed under the Creative Commons Attribution ShareAlike 4.0 License.
Hortonworks.com | Documentation | Support | Community