Updating Zeek Intel Feeds

Follow

Curtis Ringwald

• December 29, 2022 15:58
• Edited

Hey! Is it possible to add additional Zeek Intel feeds to FWG+ such as:

Any feedback would be appreciated, Thank you!

https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds

And if so assuming would push the logs to:

/log/blog

versus sending them to:

/usr/local/zeek/logs/current/intel.log

Any feedback would be appreciated, Thank you!

0

• 

  Firewalla

  • December 29, 2022 15:57

  Much of the intel part is already built into the other parts of firewalla. Either as target lists or something we call active protect. You can see https://help.firewalla.com/hc/en-us/articles/360049856394-How-to-Secure-Your-Network-with-Firewalla-Part-3-Protect 

  1

  Comment actions Permalink

Please sign in to leave a comment.