Hortonworks Docs » Hortonworks Cybersecurity Platform 1.7.0 » Runbook Enriching with Threat Intelligence Information
Runbook Enriching with Threat Intelligence Information
Also available as:
PDF

Push Hailataxii Feeds to HBase

After you create the extractor configuration and connection configuration files, you can push the HailaTAXII feeds from the OpenTAXII server into HBase.

  1. Push the HailaTAXII feeds from the OpenTAXII server into HBase: 
    /usr/metron/<METRON_VERSION>/bin/threatintel_taxii_load.sh -b <START_TIME> -c /path/to/connection_config.json
  -e /path/to/extractor.json -p <TIME_INTERVAL_MSECS>
For example:
/usr/metron/0.2.0BETA/bin/threatintel_taxii_load.sh -b "2016-08-01 00:00:00" -c ~/connection_config.json -e ~/extractor.json -p 10000
  2. Remove any non-ASCII invisible characters that might have been included if you copy and pasted:
    iconv -c -f utf-8 -t ascii threatintel_extractor_config_temp.json -o threatintel_extractor_config.json
© 2012–2019, Hortonworks, Inc.
Document licensed under the Creative Commons Attribution ShareAlike 4.0 License.
Hortonworks.com | Documentation | Support | Community